Logs are an essential part of observing any service; without them you are flying blind. But collecting and analyzing them can be a real challenge -- especially at scale. Not only do you need to solve the basic task of collecting your logs, but you must do it in a reliable, performant, and robust manner. Nothing is more frustrating than having your logs pipeline fall on it's face during an outage, or even worse, disrupt more important services!
Fear not! In this guide we'll show you how to send collect logs from Docker and send them anywhere and build a logs pipeline that will be the backbone of your observability strategy.
What is Docker?
Docker is an open platform for developing, shipping, and running applications and services. Docker enables you to separate your services from your infrastructure so you can ship quickly. With Docker, you can manage your infrastructure in the same ways you manage your services. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.
How This Guide Works
We'll be using Vector to accomplish this task. Vector is a popular open-source utility for building observability pipelines. It's written in Rust, making it lightweight, ultra-fast and highly reliable. And we'll be deploying Vector as a daemon.
The daemon deployment strategy is designed for data
collection on a single host. Vector runs in the background, in its own process,
collecting all data for that host.
For this guide, Vector will collect data from
Docker via Vector's
The following diagram demonstrates how it works.
What We'll Accomplish
To be clear, here's everything we'll accomplish in this short guide:
Configure Vectorcat <<-VECTORCFG > /etc/vector/vector.toml[sources.in]type = "docker" # required[sinks.out]# Encodingencoding.codec = "json" # required# Generalinputs = ["in"] # requiredtype = "console" # requiredVECTORCFGexplain this command
Start the Vector containerdocker run \-v $PWD/vector.toml:/etc/vector/vector.toml:ro \-v /var/run/docker.sock:/var/run/docker.sock \timberio/vector:latest-alpineexplain this command
That's it! Simple and to the point. Hit
Vector is powerful utility and we're just scratching the surface in this guide. Here are a few pages we recommend that demonstrate the power and flexibility of Vector: