Configure AWS ECS service with logging driver
Step by step guide to setup ECS running with sumologic-docker-logging-driver
Deprecated: since the ECS support configure "sumologic" logging driver from UI now, please refer to Setup-AWS-ECS-to-deliver-logs-to-SumoLogic-with-Launch-Configuration-settings for new walk-through
- an AWS account can deploy the ECS cluster
- a SumoLogic account with a HTTP source created. In the following paragraphs, will use URL of
https://collectors.sumologic.com/receiver/v1/http/XXXX, you should replace it with the real URL of your HTTP source
You can crate your own ECS task definition (e.g. the payload running on a container) with log delivering to sumologic logging driver.
Login to the AWS console, and click "EC2 Container Service"
And then click "Task Definitions" on the sidebar and then "Create new Task Definition"
Using "Configure via JSON" since we cannot pick up sumolgoic driver on ECS UI
Use following json to define your task (This is a sample for just printing lines on console. you can replace it with the real task. And be notice the line wrapper if you directly copy from below)
{
"family": "my-task",
"containerDefinitions": [
{
"name": "hello",
"image": "ubuntu:latest",
"cpu": 100,
"memory": 512,
"essential": true,
"entryPoint": [
"sh",
"-c"
],
"command": [
"for i in `seq 1 100`; do echo 'Hello world';sleep 1; done"
],
"logConfiguration": {
"logDriver": "sumologic",
"options": {
"sumo-url": "https://collectors.sumologic.com/receiver/v1/http/XXXX"
}
}
}
]
}NOTE : if you see some error about 'CSRF' when saving the task definition, you may need to refresh your browser. It's a known UI bug of ECS.
Now we can create the cluster running the task. Click the "Clusters" on sidebar and "Create Cluster"
And then in the creating UI, configure the cluster settings and put 1 instance at beginning.
Since current latest AMI from Amazon (ECS-Optimized Amazon Linux AMI 2017.09.a) is supporting docker API version 1.29, we can just keep using the default ECS AMI.
Be notice the SSH key is required for following steps
After clicking "Create", the cluster should be created.
The instance requires extra configuration for sending log to sumologic. These steps need to running on the EC2 instance with SSH.
By default, the Security Group created with cluster do not enable the SSH inbound rule. Finding the security group used by the instace and edit the inbound rule with SSH port.
NOTE : The setting here enable any IP connect to the host with a valid SSH private key. In production environment, you may consider a stricter policy for the security.
Using your key pair to SSH the instance:
$ ssh -i [.pem] [email protected]$ docker plugin install store/sumologic/docker-logging-driver:1.0.2 --alias sumologic --grant-all-permissionsInstruction: https://github.com/SumoLogic/sumologic-docker-logging-driver; Make sure using sumologic as the alias
$ sudo docker plugin ls
ID NAME DESCRIPTION ENABLED
1b173ac2700b sumologic:latest Sumo Logic logging driver trueEdit the configure file of ecs /etc/ecs/ecs.config
$ sudo vi /etc/ecs/ecs.configAppend or modify following line with "sumologic"
ECS_AVAILABLE_LOGGING_DRIVERS=["json-file","awslogs","sumologic"]
Restart ECS service
$ sudo service docker stop
$ sudo service docker start
$ sudo start ecsThe instance should be ready to schedule task now.
NOTE : Repeat these steps if new instance(s) added into the cluster.
ECS agent log
$ docker logs -f ecs-agent
Docker Daemon log
$ tail -f /var/log/docker
Running container manually and deliver log to SumoLogic
$ docker run --log-driver=sumologic --log-opt sumo-url=https://collectors.sumologic.com/receiver/v1/http/XXXX -d hello-world
You can now schedule a task from ECS console.
And the log lines can be queried out on SumoLogic web app now.
