Reputation: 623
How to access logs logged in journald using fluent-bit that's inside a docker container
I'm using docker-compose.yml that launches my services. All services look something like this:
A-service:
image: A-service
restart: always
network_mode: host
logging:
driver: journald
options:
tag: "{{.ImageName}}/{{.Name}}/{{.ID}}"
fluent-bit:
image: 'bitnami/fluent-bit:latest'
restart: always
network_mode: host
command: /fluent-bit/bin/fluent-bit -c /fluent-bit/etc/fluent-bit.conf
volumes:
- ./service/config/fluent-bit.conf:/fluent-bit/etc/fluent-bit.conf
- type: bind
source: /run/log
target: /run/log
When I run journalctl -e -f -u docker I see all the logs being logged just fine.
The problem I'm having is that my fluent-bit container seems to be unable to get any data when collecting from systemd:
fluent-bit.conf:
[SERVICE]
Flush 5
Daemon Off
Log_Level debug
[INPUT]
Name systemd
Tag *
[OUTPUT]
Name stdout
Match *
I figured that it might be because it's in container and can't reach the logs location, but binding directory /run/log:/run/log had no effect.
So my question would be: Can fluent-bit reach systemd and read journal when it is inside container? If yes - how can I achieve that?
Upvotes: 4
Views: 7571
Answers (1)
Reputation: 623
After even more research I stumbled acros this thread: https://github.com/fluent/fluent-bit/issues/497
Long story short:
- you need to run fluent-bit container as root, since accessing the journal requires root permission
- set the machine id in docker to the same as in your root machine
- bind /run/log/journal:/run/log/journal
so:
fluent-bit:
image: 'bitnami/fluent-bit:latest'
restart: always
user: root
network_mode: host
command: /fluent-bit/bin/fluent-bit -c /fluent-bit/etc/fluent-bit.conf
volumes:
- ./service/config/fluent-bit.conf:/fluent-bit/etc/fluent-bit.conf
- /etc/machine-id:/etc/machine-id:ro
- /run/log/journal:/run/log/journal
Then, in fluent-bit.conf you need edit the INPUT path:
[INPUT]
Name systemd
Tag *
Path /run/log/journal
Systemd_Filter _SYSTEMD_UNIT=docker.service
Systemd_Filter _SYSTEMD_UNIT=kubelet.service
Upvotes: 7
Related Questions
- How to forward multiline docker logs using fluentd?
- log key is not parsed by fluent-bit (both Docker containerized)
- Fluentbit get Docker Logs(Systemd) in Kubernetes not working
- Fluent-bit unable to ship logs to fluentd in docker due to EADDRNOTAVAIL
- Filtering out container logs from jorunald using fluentd
- How to forward logs from docker containers to host journald/syslog service?
- Structured logging to journald from within a docker container
- Sending logs from docker container to FluentD
- Get log of a systemd/journald in a docker container to "docker logs"
- How to control fluentd log tag from Docker