skip to Main Content

I have the problem that my ECS logs (awslogs driver) are not working as expected. In Cloudwatch I’m only seeing the server startup logs & not the useful logs from the apache (/var/log/apache2/error.log & /var/log/apache2/access.log)

I have a docker multicontainer setup with one container running the apache server & the other container running PHP-FPM. My container logs on cloudwatch look like this:

Apache-Container:

23:35:39 *** Running /etc/my_init.d/02_init.sh...
23:35:39 Starting Apache
23:35:39 * Starting Apache httpd web server apache2
23:35:39 /usr/sbin/apache2ctl: 87: ulimit: error setting limit (Operation not permitted)
23:35:39 Setting ulimit failed. See README.Debian for more information.
23:35:40 *** Running /etc/rc.local...
23:35:40 *** Booting runit daemon...
23:35:40 *** Runit started as PID 225
23:35:40 Oct 25 22:35:40 apache-container syslog-ng[231]: syslog-ng starting up; version='3.5.6'
2019-10-26 00:17:01
Oct 25 23:17:01 apache-container CRON[947]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
...
07:35:16 tail: '/var/log/syslog' has been replaced; following new file
...

FPM-Container:

...
10:25:23 172.x.x.x - 27/Okt/2019:09:25:23 +0000 "GET /app.php" 200
10:25:25 172.x.x.x - 27/Okt/2019:09:25:24 +0000 "GET /app.php" 200
...

I’ve checked various forums & online resources. As I understood it right I just need to symlink my logs to STDOUT/STDERR or even better to /proc/self/fd/1 & /proc/self/fd/2 like this:

ln -sf /dev/stdout /var/log/apache2/access.log
ln -sf /dev/stderr /var/log/apache2/error.log

I’ve tried to link the logs in my .Dockerfile via the RUN command & also during runtime, but no success. I see that my logs are showing up correctly in the log files before linking them. I’ve also tried things like echo "test stderr logs" >> /dev/stderr or echo "test stdout logs" >> /dev/stdout inside & outside the containers, but nothing showing up in the cloudwatch logs. When I try docker logs MY_DOCKER_CONTAINER_ID I get: Error response from daemon: configured logging driver does not support reading.

Maybe I’m missing some basic knowledge here. I see that syslog is in my environment/base image (maybe i need to merge syslog & apache logs?) and that the PHP-FPM-container is logging 200’s but only to the app.php even though I would like to know the exact path of the accessed url.

2

Answers


  1. Chosen as BEST ANSWER

    Hey thx for the responses. If I remember it right, the problem was, that all of my output was redirected to syslog & there was a misconfiguration in my syslog config.


  2. You need to specify in your docker-compose used by ECS to use the cloudwatch logging driver like so:

    version: '2'
    services:
      myapp:
        build:
          context: .
        logging:
          driver: awslogs
          options:
            awslogs-group: "/my/log/group"
            awslogs-region: "us-west-2"
            awslogs-stream-prefix: some-prefix
    

    This should cause /dev/stdout and /dev/stderr to appear in CloudWatch. You can find more information on the logging driver options on the Docker page.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search