/ HOWTO

Monitorización de contenedores Docker.


Mostraremos algunas maneras de monitorizar que está ocurriendo en nuestro servicio Docker, contenedores y consumo de recursos.


El estado de variables, objetos y configuraciones de Docker se pueden ver con “info”.

# docker info
Containers: 9
 Running: 1
 Paused: 0
 Stopped: 8
Images: 46
Server Version: 17.10.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb3749fef02f7cea8e0
runc version: 0351df19450de844e2d
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.9.59-1-MANJARO
Operating System: Manjaro Linux
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.685GiB
Name: testingdock
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: testing
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

Existe un fichero de logs en cada contenedor, podemos ver el log de una manera sencilla con este comando.

# docker logs ce7aea05b590

Como el fichero es almacenado en formato JSON, no es tán fácil entenderlo para una persona, pero el formato es eficiente para ser procesado.

# cat  /var/lib/docker/containers/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc-json.log
{"log":"\u001b]0;root@ce7aea05b590: /\u0007root@ce7aea05b590:/# ll\r\n","stream":"stdout","time":"2017-10-30T08:25:36.729400498Z"}
{"log":"total 80\r\n","stream":"stdout","time":"2017-10-30T08:25:36.734882138Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 30 08:25 \u001b[0m\u001b[01;34m.\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.734951098Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 30 08:25 \u001b[01;34m..\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.734979907Z"}
{"log":"-rwxr-xr-x   1 root root    0 Oct 30 08:18 \u001b[01;32m.dockerenv\u001b[0m*\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735002699Z"}
{"log":"-rw-r--r--   1 root root   17 Oct 30 08:22 TEST.TXT\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735024275Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 30 08:15 \u001b[01;34mbin\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735043809Z"}
{"log":"drwxr-xr-x   2 root root 4096 Oct 16 07:46 \u001b[01;34mboot\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735064216Z"}
{"log":"drwxr-xr-x   5 root root  360 Oct 30 08:18 \u001b[01;34mdev\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735238898Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 30 08:18 \u001b[01;34metc\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735268872Z"}
{"log":"-rw-r--r--   1 root root 1024 Oct 30 08:25 test2.txt\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735507997Z"}
{"log":"drwxrwxrwt   1 root root 4096 Oct 30 08:15 \u001b[30;42mtmp\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735526879Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 19 08:15 \u001b[01;34musr\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735598722Z"}
{"log":"drwxr-xr-x   1 root root 4096 Oct 19 08:15 \u001b[01;34mvar\u001b[0m/\r\n","stream":"stdout","time":"2017-10-30T08:25:36.735626578Z"}
{"log":"\u001b]0;root@ce7aea05b590: /\u0007root@ce7aea05b590:/# exit\r\n","stream":"stdout","time":"2017-10-30T08:59:39.23022254Z"}
{"log":"\u001b]0;root@ce7aea05b590: /\u0007root@ce7aea05b590:/# exit\r\n","stream":"stdout","time":"2017-10-30T09:50:52.401386326Z"}
{"log":"\u001b]0;root@ce7aea05b590: /\u0007root@ce7aea05b590:/# exit\r\n","stream":"stdout","time":"2017-10-30T09:51:13.508349618Z"}

Invocar al comando “events” mostrará que actividades ocurren en docker, procesos que corren, se paran, objetos que se borran y en tiempo real. Podemos dejar una sesión abierto viendo la actividad.

# docker events
2017-10-30T11:24:10.912081332+01:00 container exec_create: /bin/bash  ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc (image=ubussh, name=ubussh1)
2017-10-30T11:24:10.912789994+01:00 container exec_start: /bin/bash  ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc (image=ubussh, name=ubussh1)
2017-10-30T11:24:24.133940842+01:00 container exec_create: /bin/bash  ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc (image=ubussh, name=ubussh1)
2017-10-30T11:24:24.134491537+01:00 container exec_start: /bin/bash  ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc (image=ubussh, name=ubussh1)

Tenemos también estadísticas en tiempo real, de todos los contenedores corriendo. CPU, Memoria, Red y Procesos corriendo.

# docker stats
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O           PIDS
ce7aea05b590        ubussh1             0.00%               1.969MiB / 7.685GiB   0.03%               2.89kB / 0B         0B / 0B             1

Mientras que este comando mostrará las estadísticas para un solo contenedor ( ce7aea05b590 ).

# docker stats ce7aea05b590

El comando Inspect nos mostrará el PID real ( 28499 ), las carpetas reales en nuestro equipo donde se almacenan objetos, nombres de contenedor, puertos expuestos, datos de la red que utiliza, ip, etc.

Nos brindará mucha información importante de un contenedor que no podríamos averiguar fácilmente.

# docker container inspect ce7aea05b590
[
    {
        "Id": "ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc",
        "Created": "2017-10-30T08:18:02.462402393Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 28499,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2017-10-30T09:51:16.040170149Z",
            "FinishedAt": "2017-10-30T09:51:13.597532751Z"
        },
        "Image": "sha256:e3ea86d084a35d69b6e93f9a09dfc1e2814fcd341fa7567f250be466e29b01b2",
        "ResolvConfPath": "/var/lib/docker/containers/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc/hostname",
        "HostsPath": "/var/lib/docker/containers/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc/hosts",
        "LogPath": "/var/lib/docker/containers/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc/ce7aea05b590455bf6108fe464c01a0d41f247545f90db4330b960b0c3410fcc-json.log",
        "Name": "/ubussh1",
......
        "Config": {
            "Hostname": "ce7aea05b590",
            "Domainname": "",
            "User": "",
            "AttachStdin": true,
            "AttachStdout": true,
            "AttachStderr": true,
            "ExposedPorts": {
                "22/tcp": {}
            },
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": true,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NOTVISIBLE=in users profile"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "Image": "ubussh",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
...
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "1e3fe04e03feaa0afcbadf659e731c0e94b0179ba6c95e181feb26bac05f80bb",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "22/tcp": null
            },
            "SandboxKey": "/var/run/docker/netns/1e3fe04e03fe",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "b5be5f46bc383e93083baa8c6005e8c509d5b68390cd5fd07a30d48d3c66fa06",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
....
            }
        }
    }
]

En este caso descubrimos que el “bash” corriendo en un contenedor es el PID 28499 de nuestro equipo real. 28499 pts/0 00:00:00 bash

y el contenedor está utilizando el ip 172.17.0.2 y “MacAddress”: “02:42:ac:11:00:02”.

Subscríbete y recibirás los últimos artículos semanalmente en tu email.