Cloudwatch Logs

Expected behavior

Expected CloudWatchLogs to work out of the box if I set --log-driver awslogs

Actual behavior

Permission Error

Additional Information

Can be fixed by adding CloudWatch Permissions to the Docker-ProxyRole

Would be cool if this was default in the next version of CloudFormation script

Steps to reproduce the behavior

  1. create swarm
  2. create log group “whatever” in awslogs
  3. start a service with --log-driver awslogs --log-opt awslogs-group=whatever

Great suggestion, thanks!

Since you care about this topic: Do you think we should configure CloudWatch logging out of the box for both services and the daemons?

yes, unless --log-driver is used with something different than awslogs. It would be much easier if the default was awslogs with awslogs-group=servicename, and the log-group being created automatically the same way that the ELB is configured.

Right now there seems to be no easy way to see your logs without overriding the log-driver, as you can’t ssh onto the worker-nodes…

Just came across another reason why it would be really great if CloudwatchLogs was default:

.DAB does not support the logging key right now

That’s why we postponed docker-compose bundling until that is integrated - but if CloudwatchLogs is default, then there would be nothing left blocking us from going down the .DAB route :wink: