stackoom
  简体   繁体   中英

Mac OS X, Docker: Get container logs out of Docker for Mac VM into an ELK Stack in the same Docker for Mac

 原文  2020-04-28 14:42:46       macos/ docker/ elastic-stack

Question

Problem:
- ELK Stack (7.6.2) running in Docker for Mac (2.2.0.5)
- Learned from Docker container log file not found on Mac that container logs on Mac are kept in the Docker for Mac VM.

Question:
How can I get (some of) the container logs - continuously - out of the VM into the ELK Stack which runs on the same Docker for Mac.

Yes, I know in Linux it would be much easier. But currently I only have my Mac.
Yes, I know I could copy the files with some Mac magic out of the VM into the normal Mac FS and then throw it into the ELK stack. But I want to avoid this manual step, if possible. Yes I know I could make a cron job, which does it automatically, but I want to avoid that, too.

So any idea how to achieve this?

Thanks, Alex

1 answers

solution1
 0  2020-04-30 13:04:41

Ok, after more research and some try and error, here is my solution, which may not be the best, but it is working.

Steps:
1) Create network: 

docker network create elastic

2) Run es: 

docker run -d --name elasticsearch  --network elastic --restart unless-stopped -v /Data/elastic:/usr/share/elasticsearch/data -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2

3) Run kibana: 

docker run -d --name kibana --network elastic --restart unless-stopped -p 5601:5601 kibana:7.6.2

4) Create a logstash.conf: 

input {
  syslog {
    port => 9500
    type => "docker"
  }
}

filter {
  date {
    match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
    index => "docker_logs"
  }
}

5) Run logstash: 

docker run -d --rm -v $PWD/config/syslog.conf:/usr/share/logstash/config/logstash.conf -p 9500:9500 --name logstash --network elastic logstash:7.6.2 bin/logstash -f /usr/share/logstash/config/logstash.conf

6) Run container: 

docker run --log-driver syslog --log-opt syslog-address=tcp://1.2.3.4:9500 alpine echo hello world

Being 1.2.3.4 the ip of the docker host.

7) Open kibana: 

open http://1.2.3.4:5601

8) Do the kibana stuff I wanted to learn

Ok, that's my solution...

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Docker for Mac VM IP Cannot run docker based Windows container in Windows 10 VirtualBox VM on Mac OS X host How to Setup a Docker Tomcat Container on Mac OS X docker issue on mac os Copy out file tree from Docker layers on Mac OS X How to create Mac OS X docker image? Docker Login failure on Mac OS X Where is /var/lib/docker on Mac/OS X Docker image running a Mac OS X installation boot2docker, docker, django on mac os x
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM