Docker – Amazon AWS Elastic Beanstalk EBS Logs To Cloudwatch (Multi Docker Env)

amazon-cloudwatchamazon-web-servicesdockerelastic-beanstalk

I would like to view all my logs in cloudwatch.
I currently have a multi-docker Elastic beanstalk environment.

I have selected for the logs to push to cloudwatch by going to 

Elastic Beanstalk > App > Env > Configuration > Software Configuration > CloudWatch Logs

This is enabled.

When I look in cloudwatch I see the following bits..

/aws/elasticbeanstalk/myapp-staging/var/log/docker-events.log
/aws/elasticbeanstalk/myapp-staging/var/log/eb-activity.log
/aws/elasticbeanstalk/myapp-staging/var/log/eb-ecs-mgr.log
/aws/elasticbeanstalk/myapp-staging/var/log/ecs/ecs-agent.log
/aws/elasticbeanstalk/myapp-staging/var/log/ecs/ecs-init.log

But I do not see the nginx access/error logs.

I have this in my Dockerrun.aws.json

"mountPoints":[
        {
          "sourceVolume": "awseb-logs-nginx",
          "containerPath": "/var/log/nginx"
        }

If i SSH to the instance with this contain on I can see these logs (when I hit URLS) being generated (as expected) on the local path of /var/log/containers/nginx/access.log etc.

Also If i go to EBS > Logs and request recent logs I can also see them what is in the access log, it just not being sent to CloudWatch?

I wondered if I had to setup a Log Group with the correct path, i tried this but it did not get populated?

I am sure that I am missing something to push this on to Cloudwatch, many thanks in advance!

Update:
I've since added the below, which was suggested as what is required. This file sits in .ebextensions folder named nginx_logs.conf.

packages:
  yum:
    awslogs: []

files:
  "/etc/awslogs/config/nginx_logs.conf" :
    mode: "000600"
    owner: root
    group: root
    content: |
      [/var/log/containers/nginx/access.log]
      log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/nginx/access.log"]]}`
      log_stream_name = {instance_id}
      file = /var/log/containers/nginx/access.log*
      [/var/log//containers/nginx/error.log]
      log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/nginx/error.log"]]}`
      log_stream_name = {instance_id}
      file = /var/log/containers/nginx/error.log*

commands:
  "01":
    command: chkconfig awslogs on
  "02":
    command: service awslogs restart

Still no joy, as again I can still see them when I hit request logs or request last 100 logs. But nothing in cloudwatch…

Best Answer

According to the official AWS documentation, the following files are collected out of the box for Docker Multicontainer EB environments:

  • /var/log/eb-activity.log
  • /var/log/ecs/ecs-init.log
  • /var/log/eb-ecs-mgr.log
  • /var/log/ecs/ecs-agent.log
  • /var/log/docker-events.log

Since these paths don't include the directory which contains the nginx logs, it makes sense they won't be streamed to CloudWatch.

To stream your logs, looks like you will have to configure the CloudWatch Logs agent to collect the files in the containers directory. There are sample configurations here. Frankly it's a little strange the default config for Docker Multicontainer doesn't include container logs, but apparently this is how AWS has implemented this.

Related Topic