SlideShare a Scribd company logo

FluentD Docker Monitoring Log Collection

V
Vinay Krishna

Fluentd and docker monitoring @ dockerbangalore meetup

Technology
1 of 45
Download to read offline
FluentD and Docker Vinay Krishna SolutionsIQ
Monitoring
Is it simple? • Monitoring • Applications • Servers
Logging
What? • Status of application • Keeps information about errors/failure • Status of Network
Why? • Developers • Get help in Debugging • IT admin / support • Get help in Trouble-shooting • Apps running smoothly • Security • Business • Input data – analytics • User interaction / behaviors • Improvements
Assumptions • I have enough disk space • I/O operations will not block • Log messages are human readable • My logging mechanism scale • Basically, yeah.. it should work.
Concerns • Logs increase = data increase • Message format get more complex • Did the Kernel flush the buffers ? (sync(2)) • Multi-thread application ?, locking ? • Multiple Applications = Multiple Logs • If Multiple Applications = Multiple logs • Multiple Hosts x Multiple Applications = ???
How to parse/store multiple data sources ?
Fluentd is an open source data collector for unified logging layer. It allows you to unify data collection and consumption for a better use and understanding of data. • Structured logging • Reliable forwarding • Pluggable architecture
Fluentd • Data collection for unified logging layer • Streaming data transfer based on JSON • Written in Ruby • Gem based various plugins • http://www.fluentd.org/plugins • Working on lots of productions • http://www/fluentd.org/testimonials
Before
After
Highlights • Unified Logging Layer • Fluentd tries to structure data as JSON as much as possible • Simple and yet flexible • 300+ plugins • Open Source • Proven Reliability and Performance • 2000+ data-driven companies rely on FluentD • Minimum resources required - vanilla instance runs on 30-40MB of memory and can process 13,000 events/second/core • Data loss should never happen. • Fluentd supports memory- and file-based buffering to prevent inter-node data loss. • Fluentd also supports robust failover and can be set up for high availability • Community
Docker Monitoring
Monitor • Resource utilization • How much RAM and CPU is each container using? • Health of docker environments • As the Docker ecosystem continues to evolve, we have to ask ourselves the following questions: • How can we log and monitor Docker effectively? • This includes logging the Docker runtime infrastructure, the container itself and what goes on inside of it, and how to ensure to collect log data from ephemeral containers. • How can we use feedback from containers to manage and improve the quality of our services? • Can we build off of decades of experience logging monolithic applications, or do we have to start from scratch? • If we have to start from scratch, how can we build a solution that helps us make better decisions?
FluentD + Docker
Logging of container architecture • Storage: • should be outside of container / hosts • Transferring: • should be over network • Aggregation: • should be done per container / per service
FluentD Architecture
Logging Driver • Docker v1.6 released the concept of logging drivers • Route container output • Add new logging driver – fluentd • --log-driver=fluentd • https://github.com/docker/docker/pull/12876 • New for docker v1.7.0?
Container logging driver “fluentd” • Apps write logs to STDOUT: • docker sends it to fluentd directly! • Pros: • simple conf for apps and docker • logs include container logs • Cons: • ?
Fluentd docker image • Official image by fluentd organization https://registry.hub.docker.com/u/fluent/fluentd/ • Use it as it is, or build your own container! https://github.com/fluent/fluentd-docker-image
Demo
Install fluentd • Install fluentd via td-agent curl -L http://toolbelt.treasuredata.com/sh/install- ubuntu-trusty-td-agent2.sh | sh • Start td-agent sudo /etc/init.d/td-agent start
Verify installation • Check the logs to make sure it was installed successfully • tail /var/log/td-agent/td-agent.log
Build fluentd image • Create a new directory for your Fluentd Docker resources, and move into it • mkdir ~/fluentd-docker && cd ~/fluentd-docker • Create the following Dockerfile • sudo nano Dockerfile • Add the following content: FROM ruby:2.2.0 MAINTAINER kiyoto@treausuredata.com RUN apt-get update RUN gem install fluentd -v "~>0.12.3" RUN mkdir /etc/fluent RUN apt-get install -y libcurl4-gnutls-dev make RUN /usr/local/bin/gem install fluent-plugin-elasticsearch ADD fluent.conf /etc/fluent/ ENTRYPOINT ["/usr/local/bundle/bin/fluentd", "-c", "/etc/fluent/fluent.conf"]
Build fluentd image • Create a fluent.conf file in the same directory • sudo nano fluent.conf
<source> type tail read_from_head true path /var/lib/docker/containers/*/*-json.log pos_file /var/log/fluentd-docker.pos time_format %Y-%m-%dT%H:%M:%S tag docker.* format json </source> # Using filter to add container IDs to each event <filter docker.var.lib.docker.containers.*.*.log> type record_transformer <record> container_id ${tag_parts[5]} </record> </filter> <match docker.var.lib.docker.containers.*.*.log> type elasticsearch logstash_format true host "#{ENV['ES_PORT_9200_TCP_ADDR']}" # dynamically configured to use Docker's link feature port 9200 flush_interval 5s </match>
• Build docker image • docker build -t fluentd-es . • Check successfully built the images • docker images
ElasticSearch Container • Move to home directory • Cd ~ • Download and start the Elasticsearch container • docker run -d -p 9200:9200 -p 9300:9300 --name es elasticsearch • Check elasticsearch container is running • docker ps
Start the Fluentd-to-Elasticsearch Container • Start the container that runs Fluentd, collects the logs, and sends them to Elastcisearch • docker run -d --link es:es -v /var/lib/docker/containers:/var/lib/docker/containers fluentd-es • Check that container is running • docker ps
Confirm ElasticSearch receives events • curl -XGET 'http://localhost:9200/_all/_search?q=*‘
What’s next • Setup Dashboard
References • http://www.fluentd.org/guides/recipes/docker- logging • http://www.slideshare.net/repeatedly/docker-and- fluentd-51821582 • http://www.slideshare.net/tagomoris/docker-and- fluentd-revised • https://www.socallinuxexpo.org/sites/default/files/ presentations/fluentd.pdf
Questions?

Recommended

Swarm docker bangalore_meetup
Swarm docker bangalore_meetupSwarm docker bangalore_meetup
Swarm docker bangalore_meetupArunan Rabindran
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?Ajeet Singh Raina
 
Container Monitoring with Sysdig
Container Monitoring with SysdigContainer Monitoring with Sysdig
Container Monitoring with SysdigSreenivas Makam
 
Beginning mesos
Beginning mesosBeginning mesos
Beginning mesosAditya Patawari
 
Docker practical solutions
Docker practical solutionsDocker practical solutions
Docker practical solutionsKesav Kumar Kolla
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0Thomas Chacko
 
Networking Overview for Docker Platform
Networking Overview for Docker PlatformNetworking Overview for Docker Platform
Networking Overview for Docker PlatformAditya Patawari
 
Project Atomic-Nulecule
Project Atomic-NuleculeProject Atomic-Nulecule
Project Atomic-NuleculeLalatendu Mohanty
 

Recommended

Swarm docker bangalore_meetup
Swarm docker bangalore_meetupSwarm docker bangalore_meetup
Swarm docker bangalore_meetupArunan Rabindran
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?Ajeet Singh Raina
 
Container Monitoring with Sysdig
Container Monitoring with SysdigContainer Monitoring with Sysdig
Container Monitoring with SysdigSreenivas Makam
 
Beginning mesos
Beginning mesosBeginning mesos
Beginning mesosAditya Patawari
 
Docker practical solutions
Docker practical solutionsDocker practical solutions
Docker practical solutionsKesav Kumar Kolla
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0Thomas Chacko
 
Networking Overview for Docker Platform
Networking Overview for Docker PlatformNetworking Overview for Docker Platform
Networking Overview for Docker PlatformAditya Patawari
 
Project Atomic-Nulecule
Project Atomic-NuleculeProject Atomic-Nulecule
Project Atomic-NuleculeLalatendu Mohanty
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
Atomic CLI scan
Atomic CLI scanAtomic CLI scan
Atomic CLI scanLalatendu Mohanty
 
AWS ECS Quick Introduction
AWS ECS Quick IntroductionAWS ECS Quick Introduction
AWS ECS Quick IntroductionVinothini Raju
 
Introducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerIntroducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerRamit Surana
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 
Docker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker SwarmDocker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker SwarmDocker, Inc.
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...Docker, Inc.
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppetAjeet Singh Raina
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Docker, Inc.
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature OverviewSreenivas Makam
 
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Michelle Antebi
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux KernelDocker, Inc.
 
Tupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FBTupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FBDocker, Inc.
 
The age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster managementThe age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster managementNicola Paolucci
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker, Inc.
 
Docker Swarm Introduction
Docker Swarm IntroductionDocker Swarm Introduction
Docker Swarm Introductionrajdeep
 
Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Chris Ciborowski
 
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...Atlassian
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to KubernetesVishal Biyani
 
Comprehensive Monitoring for Docker
Comprehensive Monitoring for DockerComprehensive Monitoring for Docker
Comprehensive Monitoring for DockerChristian Beedgen
 
Application Logging With The ELK Stack
Application Logging With The ELK StackApplication Logging With The ELK Stack
Application Logging With The ELK Stackbenwaine
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHPchobi e
 

More Related Content

What's hot

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
AWS ECS Quick Introduction
AWS ECS Quick IntroductionAWS ECS Quick Introduction
AWS ECS Quick IntroductionVinothini Raju
 
Introducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerIntroducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerRamit Surana
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 
Docker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker SwarmDocker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker SwarmDocker, Inc.
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...Docker, Inc.
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Docker, Inc.
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature OverviewSreenivas Makam
 
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Michelle Antebi
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux KernelDocker, Inc.
 
Tupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FBTupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FBDocker, Inc.
 
The age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster managementThe age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster managementNicola Paolucci
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker, Inc.
 
Docker Swarm Introduction
Docker Swarm IntroductionDocker Swarm Introduction
Docker Swarm Introductionrajdeep
 
Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Chris Ciborowski
 
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...Atlassian
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to KubernetesVishal Biyani
 
Comprehensive Monitoring for Docker
Comprehensive Monitoring for DockerComprehensive Monitoring for Docker
Comprehensive Monitoring for DockerChristian Beedgen
 

What's hot (20)

What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Atomic CLI scan
Atomic CLI scanAtomic CLI scan
Atomic CLI scan
 
AWS ECS Quick Introduction
AWS ECS Quick IntroductionAWS ECS Quick Introduction
AWS ECS Quick Introduction
 
Introducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerIntroducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by Docker
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notes
 
Docker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker SwarmDocker Online Meetup #28: Production-Ready Docker Swarm
Docker Online Meetup #28: Production-Ready Docker Swarm
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
 
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
Docker swarm-mike-goelzer-mv-meetup-45min-workshop 02242016 (1)
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
 
Tupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FBTupperware: Containerized Deployment at FB
Tupperware: Containerized Deployment at FB
 
The age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster managementThe age of orchestration: from Docker basics to cluster management
The age of orchestration: from Docker basics to cluster management
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0
 
Docker Swarm Introduction
Docker Swarm IntroductionDocker Swarm Introduction
Docker Swarm Introduction
 
Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015
 
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Comprehensive Monitoring for Docker
Comprehensive Monitoring for DockerComprehensive Monitoring for Docker
Comprehensive Monitoring for Docker
 

Viewers also liked

Application Logging With The ELK Stack
Application Logging With The ELK StackApplication Logging With The ELK Stack
Application Logging With The ELK Stackbenwaine
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHPchobi e
 
Integrando Redis en aplicaciones Symfony2
Integrando Redis en aplicaciones Symfony2Integrando Redis en aplicaciones Symfony2
Integrando Redis en aplicaciones Symfony2Ronny López
 
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
From Zero to Hero - Centralized Logging with Logstash & ElasticsearchFrom Zero to Hero - Centralized Logging with Logstash & Elasticsearch
From Zero to Hero - Centralized Logging with Logstash & ElasticsearchSematext Group, Inc.
 
Application Logging With Logstash
Application Logging With LogstashApplication Logging With Logstash
Application Logging With Logstashbenwaine
 
Logging with Elasticsearch, Logstash & Kibana
Logging with Elasticsearch, Logstash & KibanaLogging with Elasticsearch, Logstash & Kibana
Logging with Elasticsearch, Logstash & KibanaAmazee Labs
 

Viewers also liked (7)

Application Logging With The ELK Stack
Application Logging With The ELK StackApplication Logging With The ELK Stack
Application Logging With The ELK Stack
 
Fluentd and PHP
Fluentd and PHPFluentd and PHP
Fluentd and PHP
 
Integrando Redis en aplicaciones Symfony2
Integrando Redis en aplicaciones Symfony2Integrando Redis en aplicaciones Symfony2
Integrando Redis en aplicaciones Symfony2
 
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
From Zero to Hero - Centralized Logging with Logstash & ElasticsearchFrom Zero to Hero - Centralized Logging with Logstash & Elasticsearch
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
 
Fluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log ManagementFluentd vs. Logstash for OpenStack Log Management
Fluentd vs. Logstash for OpenStack Log Management
 
Application Logging With Logstash
Application Logging With LogstashApplication Logging With Logstash
Application Logging With Logstash
 
Logging with Elasticsearch, Logstash & Kibana
Logging with Elasticsearch, Logstash & KibanaLogging with Elasticsearch, Logstash & Kibana
Logging with Elasticsearch, Logstash & Kibana
 

Similar to FluentD Docker Monitoring Log Collection

Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and FluentdN Masahiro
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016Patrick Chanezon
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceDocker, Inc.
 
Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Docker, Inc.
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017Patrick Chanezon
 
Hands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestrationHands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestrationAmir Hossein Sorouri
 
Kubernetes - Hosted OSG Services
Kubernetes - Hosted OSG ServicesKubernetes - Hosted OSG Services
Kubernetes - Hosted OSG ServicesIgor Sfiligoi
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Dockernklmish
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentDave Ward
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture materialAnkit Gupta
 
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...Gaetano Giunta
 
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...Demi Ben-Ari
 
KACE Agent Architecture and Troubleshooting Overview
KACE Agent Architecture and Troubleshooting OverviewKACE Agent Architecture and Troubleshooting Overview
KACE Agent Architecture and Troubleshooting OverviewDell World
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for DevelopmentChris Tankersley
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataInfluxData
 
Docking postgres
Docking postgresDocking postgres
Docking postgresrycamor
 
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015Datadog
 

Similar to FluentD Docker Monitoring Log Collection (20)

Docker and Fluentd
Docker and FluentdDocker and Fluentd
Docker and Fluentd
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
 
How to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experienceHow to accelerate docker adoption with a simple and powerful user experience
How to accelerate docker adoption with a simple and powerful user experience
 
Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok Securing the Container Pipeline at Salesforce by Cem Gurkok
Securing the Container Pipeline at Salesforce by Cem Gurkok
 
What's New in Docker - February 2017
What's New in Docker - February 2017What's New in Docker - February 2017
What's New in Docker - February 2017
 
Hands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestrationHands on kubernetes_container_orchestration
Hands on kubernetes_container_orchestration
 
Kubernetes - Hosted OSG Services
Kubernetes - Hosted OSG ServicesKubernetes - Hosted OSG Services
Kubernetes - Hosted OSG Services
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Docker
 
Docker
DockerDocker
Docker
 
Securing the Container Pipeline
Securing the Container PipelineSecuring the Container Pipeline
Securing the Container Pipeline
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture material
 
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
 
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
 
JOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in ProductionJOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in Production
 
KACE Agent Architecture and Troubleshooting Overview
KACE Agent Architecture and Troubleshooting OverviewKACE Agent Architecture and Troubleshooting Overview
KACE Agent Architecture and Troubleshooting Overview
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for Development
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxData
 
Docking postgres
Docking postgresDocking postgres
Docking postgres
 
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015
Docker Usage Patterns - Meetup Docker Paris - November, 10th 2015
 

Recently uploaded

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

FluentD Docker Monitoring Log Collection

  • 1. FluentD and Docker Vinay Krishna SolutionsIQ
  • 3. Is it simple? • Monitoring • Applications • Servers
  • 4.
  • 6. What? • Status of application • Keeps information about errors/failure • Status of Network
  • 7. Why? • Developers • Get help in Debugging • IT admin / support • Get help in Trouble-shooting • Apps running smoothly • Security • Business • Input data – analytics • User interaction / behaviors • Improvements
  • 8. Assumptions • I have enough disk space • I/O operations will not block • Log messages are human readable • My logging mechanism scale • Basically, yeah.. it should work.
  • 9. Concerns • Logs increase = data increase • Message format get more complex • Did the Kernel flush the buffers ? (sync(2)) • Multi-thread application ?, locking ? • Multiple Applications = Multiple Logs • If Multiple Applications = Multiple logs • Multiple Hosts x Multiple Applications = ???
  • 10. How to parse/store multiple data sources ?
  • 11. Fluentd is an open source data collector for unified logging layer. It allows you to unify data collection and consumption for a better use and understanding of data. • Structured logging • Reliable forwarding • Pluggable architecture
  • 12. Fluentd • Data collection for unified logging layer • Streaming data transfer based on JSON • Written in Ruby • Gem based various plugins • http://www.fluentd.org/plugins • Working on lots of productions • http://www/fluentd.org/testimonials
  • 14. After
  • 15.
  • 16. Highlights • Unified Logging Layer • Fluentd tries to structure data as JSON as much as possible • Simple and yet flexible • 300+ plugins • Open Source • Proven Reliability and Performance • 2000+ data-driven companies rely on FluentD • Minimum resources required - vanilla instance runs on 30-40MB of memory and can process 13,000 events/second/core • Data loss should never happen. • Fluentd supports memory- and file-based buffering to prevent inter-node data loss. • Fluentd also supports robust failover and can be set up for high availability • Community
  • 17.
  • 19. Monitor • Resource utilization • How much RAM and CPU is each container using? • Health of docker environments • As the Docker ecosystem continues to evolve, we have to ask ourselves the following questions: • How can we log and monitor Docker effectively? • This includes logging the Docker runtime infrastructure, the container itself and what goes on inside of it, and how to ensure to collect log data from ephemeral containers. • How can we use feedback from containers to manage and improve the quality of our services? • Can we build off of decades of experience logging monolithic applications, or do we have to start from scratch? • If we have to start from scratch, how can we build a solution that helps us make better decisions?
  • 21. Logging of container architecture • Storage: • should be outside of container / hosts • Transferring: • should be over network • Aggregation: • should be done per container / per service
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30. Logging Driver • Docker v1.6 released the concept of logging drivers • Route container output • Add new logging driver – fluentd • --log-driver=fluentd • https://github.com/docker/docker/pull/12876 • New for docker v1.7.0?
  • 31. Container logging driver “fluentd” • Apps write logs to STDOUT: • docker sends it to fluentd directly! • Pros: • simple conf for apps and docker • logs include container logs • Cons: • ?
  • 32. Fluentd docker image • Official image by fluentd organization https://registry.hub.docker.com/u/fluent/fluentd/ • Use it as it is, or build your own container! https://github.com/fluent/fluentd-docker-image
  • 33. Demo
  • 34. Install fluentd • Install fluentd via td-agent curl -L http://toolbelt.treasuredata.com/sh/install- ubuntu-trusty-td-agent2.sh | sh • Start td-agent sudo /etc/init.d/td-agent start
  • 35. Verify installation • Check the logs to make sure it was installed successfully • tail /var/log/td-agent/td-agent.log
  • 36. Build fluentd image • Create a new directory for your Fluentd Docker resources, and move into it • mkdir ~/fluentd-docker && cd ~/fluentd-docker • Create the following Dockerfile • sudo nano Dockerfile • Add the following content: FROM ruby:2.2.0 MAINTAINER kiyoto@treausuredata.com RUN apt-get update RUN gem install fluentd -v "~>0.12.3" RUN mkdir /etc/fluent RUN apt-get install -y libcurl4-gnutls-dev make RUN /usr/local/bin/gem install fluent-plugin-elasticsearch ADD fluent.conf /etc/fluent/ ENTRYPOINT ["/usr/local/bundle/bin/fluentd", "-c", "/etc/fluent/fluent.conf"]
  • 37. Build fluentd image • Create a fluent.conf file in the same directory • sudo nano fluent.conf
  • 38. <source> type tail read_from_head true path /var/lib/docker/containers/*/*-json.log pos_file /var/log/fluentd-docker.pos time_format %Y-%m-%dT%H:%M:%S tag docker.* format json </source> # Using filter to add container IDs to each event <filter docker.var.lib.docker.containers.*.*.log> type record_transformer <record> container_id ${tag_parts[5]} </record> </filter> <match docker.var.lib.docker.containers.*.*.log> type elasticsearch logstash_format true host "#{ENV['ES_PORT_9200_TCP_ADDR']}" # dynamically configured to use Docker's link feature port 9200 flush_interval 5s </match>
  • 39. • Build docker image • docker build -t fluentd-es . • Check successfully built the images • docker images
  • 40. ElasticSearch Container • Move to home directory • Cd ~ • Download and start the Elasticsearch container • docker run -d -p 9200:9200 -p 9300:9300 --name es elasticsearch • Check elasticsearch container is running • docker ps
  • 41. Start the Fluentd-to-Elasticsearch Container • Start the container that runs Fluentd, collects the logs, and sends them to Elastcisearch • docker run -d --link es:es -v /var/lib/docker/containers:/var/lib/docker/containers fluentd-es • Check that container is running • docker ps
  • 42. Confirm ElasticSearch receives events • curl -XGET 'http://localhost:9200/_all/_search?q=*‘
  • 44. References • http://www.fluentd.org/guides/recipes/docker- logging • http://www.slideshare.net/repeatedly/docker-and- fluentd-51821582 • http://www.slideshare.net/tagomoris/docker-and- fluentd-revised • https://www.socallinuxexpo.org/sites/default/files/ presentations/fluentd.pdf