- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Hi,
The IAM policy is correct but something is amiss in the command you shared. Some observations / queries:
-
Is your container actually running after you issue the command? The above syntax does not throw any error but does not even start the container for me. You can confirm with 'docker ps' or 'docker ps -a'
-
By <<my-container-name>> in your command above do you mean to imply the name of the image to launch the container with. In that case provide the name of the image at the end of the command. Docker run command usage is:
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
- awslogs-create-stream is not a valid log-opt parameter and returns "docker: Error response from daemon: unknown log opt 'awslogs-create-stream' for awslogs log driver." Checked this against the latest docker documentation and docker v20.10.17.
Try this command:
docker run -d -p 9092:9092 -t --log-driver=awslogs --log-opt awslogs-region=us-east-1 --log-opt awslogs-group="gRPC-POC" --log-opt awslogs-stream="gRPC-POC-log" --log-opt awslogs-create-group=true <<my-image-name>>
--Syd
Tanks a lot, @Syd :) Of course, it was the order of the options and the image name. You saved my day.
Have you checked out this Premium Support article - https://aws.amazon.com/premiumsupport/knowledge-center/cloudwatch-docker-container-logs-proxy/
Thanks, but why should I use a proxy to push the logs to CloudWatch, if the daemon does this itself? Except for adding "an additional layer of security between your Docker instances and internet-bound traffic" - but currently I have another goal: to establish the communication transporting the container logs to CloudWatch.
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
You can confirm whether the container is getting the role your intend to use, using this cli
aws sts get-caller-identity
from within the containerI meant doing that from within the container (e.g.
docker exec -it <container_id> bash
)