Add awslogs driver for Amazon CloudWatch Logs

Signed-off-by: Samuel Karp <skarp@amazon.com>
2022-11-09 12:21:53 -05:00 · 2015-08-05 00:35:06 +00:00 · 2015-08-05 00:35:06 +00:00 · 3effe484e6
commit 3effe484e6
parent 85433365cc
15 changed files with 1072 additions and 7 deletions
--- a/docs/reference/logging/awslogs.md
+++ b/docs/reference/logging/awslogs.md
@ -0,0 +1,90 @@
+<!--[metadata]>
+++
+title = "Amazon CloudWatch Logs logging driver"
+description = "Describes how to use the Amazon CloudWatch Logs logging driver."
+keywords = ["AWS, Amazon, CloudWatch, logging, driver"]
+[menu.main]
+parent = "smn_logging"
+++
+<![end-metadata]-->
+
+# Amazon CloudWatch Logs logging driver
+
+The `awslogs` logging driver sends container logs to
+[Amazon CloudWatch Logs](https://aws.amazon.com/cloudwatch/details/#log-monitoring).
+Log entries can be retrieved through the [AWS Management
+Console](https://console.aws.amazon.com/cloudwatch/home#logs:) or the [AWS SDKs
+and Command Line Tools](http://docs.aws.amazon.com/cli/latest/reference/logs/index.html).
+
+## Usage
+
+You can configure the default logging driver by passing the `--log-driver`
+option to the Docker daemon:
+
+    docker --log-driver=awslogs
+
+You can set the logging driver for a specific container by using the
+`--log-driver` option to `docker run`:
+
+    docker run --log-driver=awslogs ...
+
+## Amazon CloudWatch Logs options
+
+You can use the `--log-opt NAME=VALUE` flag to specify Amazon CloudWatch Logs logging driver options.
+
+### awslogs-region
+
+You must specify a region for the `awslogs` logging driver. You can specify the
+region with either the `awslogs-region` log option or `AWS_REGION` environment
+variable:
+
+    docker run --log-driver=awslogs --log-opt awslogs-region=us-east-1 ...
+
+### awslogs-group
+
+You must specify a
+[log group](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html)
+for the `awslogs` logging driver.  You can specify the log group with the
+`awslogs-group` log option:
+
+    docker run --log-driver=awslogs --log-opt awslogs-region=us-east-1 --log-opt awslogs-group=myLogGroup ...
+
+### awslogs-stream
+
+To configure which
+[log stream](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html)
+should be used, you can specify the `awslogs-stream` log option.  If not
+specified, the container ID is used as the log stream.
+
+> **Note:**
+> Log streams within a given log group should only be used by one container
+> at a time.  Using the same log stream for multiple containers concurrently
+> can cause reduced logging performance.
+
+## Credentials
+
+You must provide AWS credentials to the Docker daemon to use the `awslogs`
+logging driver. You can provide these credentials with the `AWS_ACCESS_KEY_ID`,
+`AWS_SECRET_ACCESS_KEY`, and `AWS_SESSION_TOKEN` environment variables, the
+default AWS shared credentials file (`~/.aws/credentials` of the root user), or
+(if you are running the Docker daemon on an Amazon EC2 instance) the Amazon EC2
+instance profile.
+
+Credentials must have a policy applied that allows the `logs:CreateLogStream`
+and `logs:PutLogEvents` actions, as shown in the following example.
+
+    {
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Action": [
+            "logs:CreateLogStream",
+            "logs:PutLogEvents"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ]
+    }
+
+
--- a/docs/reference/logging/index.md
+++ b/docs/reference/logging/index.md
@ -15,4 +15,5 @@ weight=8

 * [Configuring logging drivers](overview)
 * [Fluentd logging driver](fluentd)
-* [Journald logging driver](journald)
+* [Journald logging driver](journald)
+* [Amazon CloudWatch Logs logging driver](awslogs)
--- a/docs/reference/logging/overview.md
+++ b/docs/reference/logging/overview.md
@ -23,6 +23,7 @@ container's logging driver. The following options are supported:
 | `journald`  | Journald logging driver for Docker. Writes log messages to `journald`.                                                        |
 | `gelf`      | Graylog Extended Log Format (GELF) logging driver for Docker. Writes log messages to a GELF endpoint likeGraylog or Logstash. |
 | `fluentd`   | Fluentd logging driver for Docker. Writes log messages to `fluentd` (forward input).                                          |
+| `awslogs`   | Amazon CloudWatch Logs logging driver for Docker. Writes log messages to Amazon CloudWatch Logs.                              |

 The `docker logs`command is available only for the `json-file` logging driver.  

@ -128,3 +129,15 @@ For example, to specify both additional options:
 If container cannot connect to the Fluentd daemon on the specified address,
 the container stops immediately. For detailed information on working with this
 logging driver, see [the fluentd logging driver](/reference/logging/fluentd/)
+
+## Specify Amazon CloudWatch Logs options
+
+The Amazon CloudWatch Logs logging driver supports the following options:
+
+    --log-opt awslogs-region=<aws_region>
+    --log-opt awslogs-group=<log_group_name>
+    --log-opt awslogs-stream=<log_stream_name>
+
+
+For detailed information on working with this logging driver, see [the awslogs logging driver](/reference/logging/awslogs/)
+reference documentation.