우분투에서 Docker 데몬의 로그를 관리하는 방법
도커(Docker) 데몬의 로그를 관리하는 방법은 다양한 로그 관리 도구를 사용하여 가능합니다. 주로는 도커의 로깅 드라이버 설정 및 로그 파일 관리를 통해 로그를 관리합니다.
1. 로그 드라이버 설정(daemon.json 파일 생성)
도커 데몬은 다양한 로그 드라이버를 지원하며, 이를 사용하여 로그를 관리합니다. 기본 로그 드라이버는 json-file 이며, 다른 로그 드라이버로 변경하려면 /etc/docker/daemon.json 파일을 편집합니다.
sudo vim /etc/docker/daemon.json
daemon.json 파일이 없는 경우 새로 만들 수 있습니다.
다음은 daemon.json 파일에 json-file 로그 드라이버를 설정하는 예제입니다.
{
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
}
}
이 설정은 로그 파일의 최대 크기를 10MB로 제한하고 로그 파일을 최대 3개까지 유지합니다. 원하는 로그 드라이버와 옵션을 사용하도록 수정할 수 있습니다.
2. 파일을 저장하고 에디터를 닫습니다.
3. 도커 데몬을 다시 시작합니다.
sudo systemctl restart docker
이제 도커 데몬은 /etc/docker/daemon.json 파일에 지정된 로그 관리 설정을 사용하여 로그를 관리합니다. 설정을 수정하려면 파일을 다시 편집하고 도커 데몬을 다시 시작하면 됩니다.
로컬 로그 파일의 위치는 로그 드라이버와 설정에 따라 달라질 수 있으며, 기본적으로 /var/lib/docker/containers/<container-id>/ 디렉토리에 저장됩니다. 필요에 따라 로그 파일의 위치도 수정할 수 있습니다.
도커 컨테이너 로그 위치 : /var/lib/docker/containers/CONTAINER_ID/CONTAINER_ID-json.log
ex) /var/lib/docker/containers/d2902eae/d2902eae-json.log
Configure logging drivers : https://docs.docker.com/config/containers/logging/configure/
도커에서 로그 로테이션(logrotate) 구성
logrotate 파일(docker) 생성
touch /etc/logrotate.d/docker
logrotate 파일(docker) 편집
vim /etc/logrotate.d/docker
/var/lib/docker/containers/*/*.log
{
rotate 90
daily
maxsize 100M
dateext
#dateformat .%Y%m%d%H
missingok
notifempty
ifempty
compress
delaycompress
copytruncate
create
sharedscripts
}
logrotate -f /etc/logrotate.conf
logrotate -d /etc/logrotate.conf
logrotate -vdf /etc/logrotate.conf
$ logrotate -vdf /etc/logrotate.conf
...
rotating pattern: /var/lib/docker/containers/*/*.log
forced from command line (90 rotations)
empty log files are rotated, old logs are removed
considering log /var/lib/docker/containers/d290eae/d290eae-json.log
log needs rotating
rotating log /var/lib/docker/containers/d290eae/d290eae-json.log, log->rotateCount is 90
dateext suffix '-20211123'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
glob finding logs to compress failed
glob finding old rotated logs failed
copying /var/lib/docker/containers/d290eae/d290eae-json.log to /var/lib/docker/containers/d290eae/d290eae-json.log-20211123
truncating /var/lib/docker/containers/d290eae/d290eae-json.log
...
logrotate 사용법
$ logrotate --help
Usage: logrotate [OPTION...] <configfile>
-d, --debug Don't do anything, just test (implies -v)
-f, --force Force file rotation
-m, --mail=command Command to send mail (instead of `/bin/mail')
-s, --state=statefile Path of state file
-v, --verbose Display messages during rotation
-l, --log=STRING Log file
--version Display version information
Help options:
-?, --help Show this help message
--usage Display brief usage message
compress
Old versions of log files are compressed with gzip(1) by default. See also nocompress.
copytruncate
Truncate the original log file in place after creating a copy, instead of moving the old log file and optionally creating a new one. It can be used when some program cannot be told to close its logfile and thus might continue writing (appending) to the previous log file forever. Note that there is a very small time slice between copying the file and truncating it, so some logging data might be lost. When this option is used, the create option will have no effect, as the old log file stays in place.
create mode owner group, create owner group
Immediately after rotation (before the postrotate script is run) the log file is created (with the same name as the log file just rotated). mode specifies the mode for the log file in octal (the same as chmod(2)), owner specifies the user name who will own the log file, and group specifies the group the log file will belong to. Any of the log file attributes may be omitted, in which case those attributes for the new file will use the same values as the original log file for the omitted attributes. This option can be disabled using the nocreate option.
createolddir mode owner group
If the directory specified by olddir directive does not exist, it is created. mode specifies the mode for the olddir directory in octal(the same as chmod(2)), owner specifies the user name who will own the olddir directory, and group specifies the group the olddir direc‐tory will belong to. This option can be disabled using the nocreateolddir option. daily Log files are rotated every day.
dateext
Archive old versions of log files adding a date extension like YYYYMMDD instead of simply adding a number. The extension may be configured using the dateformat and dateyesterday options.
dateformat format_string
Specify the extension for dateext using the notation similar to strftime(3) function. Only %Y %m %d %H and %s specifiers are allowed. The default value is -%Y%m%d except hourly, which uses -%Y%m%d%H as default value. Note that also the character separating log name from the extension is part of the dateformat string. The system clock must be set past Sep 9th 2001 for %s to work correctly. Note that the date‐stamps generated by this format must be lexically sortable (i.e., first the year, then the month then the day. e.g., 2001/12/01 is ok, but 01/12/2001 is not, since 01/11/2002 would sort lower while it is later). This is because when using the rotate option, logrotate sorts all rotated filenames to find out which logfiles are older and should be removed.
delaycompress
Postpone compression of the previous log file to the next rotation cycle. This only has effect when used in combination with compress. It can be used when some program cannot be told to close its logfile and thus might continue writing to the previous log file for some time.
ifempty
Rotate the log file even if it is empty, overriding the notifempty option (ifempty is the default).
maxsize size
Log files are rotated when they grow bigger than size bytes even before the additionally specified time interval (daily, weekly, monthly, or yearly). The related size option is similar except that it is mutually exclusive with the time interval options, and it causes log files to be rotated without regard for the last rotation time. When maxsize is used, both the size and timestamp of a log file are con‐sidered.
missingok
If the log file is missing, go on to the next one without issuing an error message. See also nomissingok.
notifempty
Do not rotate the log if it is empty (this overrides the ifempty option).
postrotate/endscript
The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) after the log file is rotated. These directives may only appear inside a log file definition. Normally, the absolute path to the log file is passed as first argument to the script. If sharedscripts is specified, whole pattern is passed to the script. See also prerotate. See sharedscripts and nosharedscripts for error handling.
prerotate/endscript
The lines between prerotate and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) before the log file is rotated and only if the log will actually be rotated. These directives may only appear inside a log file definition. Normally, the absolute path to the log file is passed as first argument to the script. If sharedscripts is specified, whole pattern is passed to the script. See also postrotate. See sharedscripts and nosharedscripts for error handling.
firstaction/endscript
The lines between firstaction and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) once before all log files that match the wildcarded pattern are rotated, before prerotate script is run and only if at least one log will actually be rotated. These directives may only appear inside a log file definition. Whole pattern is passed to the script as first argument. If the script exits with error, no further processing is done. See also lastaction.
rotate count
Log files are rotated count times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather than rotated.
size size
Log files are rotated only if they grow bigger then size bytes. If size is followed by k, the size is assumed to be in kilobytes. If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G are all valid.
sharedscripts
Normally, prerotate and postrotate scripts are run for each log which is rotated and the absolute path to the log file is passed as first argument to the script. That means a single script may be run multiple times for log file entries which match multiple files (such as the /var/log/news/* example). If sharedscripts is specified, the scripts are only run once, no matter how many logs match the wildcarded pat‐tern, and whole pattern is passed to them. However, if none of the logs in the pattern require rotating, the scripts will not be run at all. If the scripts exit with error, the remaining actions will not be executed for any logs. This option overrides the nosharedscripts option and implies create option.
su user group
Rotate log files set under this user and group instead of using default user/group (usually root). user specifies the user name used for rotation and group specifies the group used for rotation.
'리눅스' 카테고리의 다른 글
HAProxy 로깅(haproxy logging) 설정하는 방법 (0) | 2021.11.24 |
---|---|
CentOS 7에서 HAProxy를 설치하고 구성하는 방법 (0) | 2021.11.24 |
[리눅스] 도커 컨테이너로 gitlab-runner 실행하는 방법 (1) | 2021.11.21 |
stress 명령어 (0) | 2021.11.18 |
CentOS 7에서 Created slice 및 Starting Session과 같은 로그를 제거하는 방법은 (0) | 2021.11.18 |