diff --git a/install_config/aggregate_logging.adoc b/install_config/aggregate_logging.adoc index ea292de9fd15..16d8d82b19f7 100644 --- a/install_config/aggregate_logging.adoc +++ b/install_config/aggregate_logging.adoc @@ -42,15 +42,23 @@ administrators can view all logs, but application developers can only view logs for projects they have permission to view. The stack components communicate securely. -[NOTE] -==== -xref:../install_config/install/host_preparation.adoc#managing-docker-container-logs[Managing -Docker Container Logs] discusses the use of `json-file` logging driver options +Aggregated logging is supported using the `json-file` or `journald` driver in Docker. +The Docker log driver is set to `journald` as the default for all nodes. See +xref:fluentd-upgrade-source[Updating Fluentd's Log Source After a Docker Log +Driver Update] for more information about switching between `json-file` and `journald`. +Fluentd automatically determines which log driver (`journald` or `json-file`) the container runtime is using. + +When the log driver is set to `journald`, Fluentd reads journald logs. When set to `json-file` Fluentd reads from *_/var/log/containers_*. + +See xref:../install_config/install/host_preparation.adoc#managing-docker-container-logs[Managing +Docker Container Logs] for information on `json-file` logging driver options to manage container logs and prevent filling node disks. -Aggregated logging is only supported using the `journald` driver in Docker. See -xref:fluentd-upgrade-source[Updating Fluentd's Log Source After a Docker Log -Driver Update] for more information. + +[IMPORTANT] +==== +If Docker log-driver is set to journald, there is no log rate throttling with the `journald` driver. +As a result, there is a risk of denial-of-service attacks from rogue containers. ==== [[aggregate-logging-pre-deployment-configuration]] @@ -1623,6 +1631,57 @@ $ curl --key /etc/elasticsearch/secret/admin-key \ ---- ==== +[[fluentd-update-source]] +== Changing the Aggregated Logging Driver + +By default, aggregated logging uses the `journald` log driver +xref:../install_config/install/advanced_install.adoc#configuring-host-variables[unless `json-file` was specified during installation]. You can change the log driver between `journald` and `json-file` as needed. + +[IMPORTANT] +==== +When using the `json-file` driver, ensure that your Docker version is Docker version *docker-1.12.6-55.gitc4618fb.el7_4 now* +or later. +==== + +Fluentd determines the driver Docker is using by checking the *_/etc/docker/daemon.json_* and *_/etc/sysconfig/docker_* files. + +You can determine which driver Docker is using with the `docker info` command: + +---- +# docker info | grep Logging + +Logging Driver: journald +---- + +To change between `json-file` and `journald` after installation: + +. Modify either the *_/etc/sysconfig/docker_* or *_/etc/docker/daemon.json_* files. ++ +For example: ++ +[source,json] +---- +# cat /etc/sysconfig/docker +OPTIONS=' --selinux-enabled --log-driver=json-file --log-opt max-size=1M --log-opt max-file=3 --signature-verification=False' + +cat /etc/docker/daemon.json +{ +"log-driver": "json-file", +"log-opts": { +"max-size": "1M", +"max-file": "1" +} +} +---- + +. Restart the Docker service: ++ +---- +systemctl restart docker +---- + +. Update the xref:fluentd-upgrade-source[Fluentd log source]. + [[fluentd-upgrade-source]] == Updating Fluentd's Log Source After a Docker Log Driver Update diff --git a/install_config/install/advanced_install.adoc b/install_config/install/advanced_install.adoc index 876ebbbedfd7..8113fdd38292 100644 --- a/install_config/install/advanced_install.adoc +++ b/install_config/install/advanced_install.adoc @@ -464,10 +464,16 @@ xref:configuring-node-host-labels[Configuring Node Host Labels] for details. xref:configuring-node-host-labels[Configuring Node Host Labels] for details. |`openshift_docker_options` -|This variable configures additional `docker` options within +a|This variable configures additional `docker` options within *_/etc/sysconfig/docker_*, such as options used in -xref:../../install_config/install/host_preparation.adoc#managing-docker-container-logs[Managing Container Logs]. Example usage: *"--log-driver json-file --log-opt max-size=1M ---log-opt max-file=3"*. Do not use when +xref:../../install_config/install/host_preparation.adoc#managing-docker-container-logs[Managing Container Logs]. +Use `json-file` or `journald`. The default is `journald`. +Example usage: +---- +"--log-driver json-file --log-opt max-size=1M --log-opt max-file=3" +"--log-driver journald" +---- +Do not use when xref:advanced-install-docker-system-container[running `docker` as a system container]. |`openshift_schedulable` diff --git a/install_config/install/host_preparation.adoc b/install_config/install/host_preparation.adoc index 2a3bb69b3993..1c158fe677b8 100644 --- a/install_config/install/host_preparation.adoc +++ b/install_config/install/host_preparation.adoc @@ -585,13 +585,6 @@ container is running) can increase to a problematic size. You can manage this by configuring Docker's `json-file` logging driver to restrict the size and number of log files. -[IMPORTANT] -==== -Aggregated logging is only supported using the `journald` driver in Docker. See -xref:../../install_config/aggregate_logging.adoc#fluentd-upgrade-source[Updating -Fluentd's Log Source After a Docker Log Driver Update] for more information. -==== - [options="header"] |===