Logging from CoreOS to Logentries

a new simple method to send log data from CoreOS nodes to Logentries

Set the Logentries account key in etcdctl

etcdctl set /settings/global/le_account_key <account_key>

Register a new host and set the host key for the node’s ip addres in etcdctl

etcdctl set /le/`/bin/ifconfig eth0 | awk '/inet /{print $2}'` <host_key>

Mount the logs directory as a volume and follow some log files

docker run —rm -it -v /home/core/log:/data gbenhaim/le —account-key=<account_key> —host-key=<host_key> follow “/data/backend/*” —name “backend.log”

Write a fleet unit file and start the service

[Unit]
Description=Logentries logger
After=docker.service
[Service]
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker kill le
ExecStartPre=-/usr/bin/docker rm le
ExecStartPre=/usr/bin/docker pull gbenhaim/le
ExecStart=/usr/bin/bash -c \
“export HOST_IP=`/bin/ifconfig eth0 | awk ‘/inet /{print $2}’`; \
export HOST_KEY=`etcdctl get /le/$HOST_IP`; \
/usr/bin/docker run —privileged —name le -v /home/core/log:/data gbenhaim/le \
—account-key=`etcdctl get /settings/global/le_account_key` \
—host-key=$HOST_KEY \
monitor” 
ExecStop=/usr/bin/docker stop le
[X-Fleet]
Global=true

Setting Global=true will make the service run on all machines in the cluster,
if all of them have host keys set in etcdctl and are set to follow some logs the entire cluster will automagically send log data to Logentries.

One issue with this method is that network statistics that are reported to Logentries are incorrect, as the Docker container doesn’t have access to the actual network interface.

If its possible that the node ip will change (like on EC2), consider storing the host key in a local file instead of etcd. Make sure it has the same path on each one of the nodes in the cluster.