容器化应用程序需要集中式日志记录和监控,因为容器是短暂的且数量众多——必须在外部收集日志和指标,以便在容器移除后仍然保留这些信息,并提供整个系统的可见性。这是生产容器必不可少的可观测性。
日志记录:向 stdout/stderr 输出,集中聚合
text
BEST PRACTICE: containers should log to STDOUT/STDERR (not to files inside the container):
→ Docker captures these (`docker logs`); a logging DRIVER forwards them elsewhere
→ WHY: containers are EPHEMERAL — logs in a removed container are LOST. Centralize them.
text
Logging drivers / pipelines forward logs to a central system:
→ json-file (default), syslog, fluentd, awslogs, gelf, etc. (--log-driver)
→ Aggregation stacks: ELK/Elastic (Elasticsearch+Logstash+Kibana), Loki+Grafana,
cloud logging (CloudWatch, Stackdriver), Datadog, etc.
→ Centralized logs: searchable, persistent, span ALL containers/hosts → real visibility