DocumentationDiscussions
Documentation
DocumentationDiscussions
Documentation

Overview

Deployment with Docker

Seq is distributed as an officially supported datalust/seq container image on Docker Hub.

👍

Kubernetes support

Seq has a Helm chart for simplifying deployments in Kubernetes. See the Kubernetes deployment docs for more details.

Running Seq in a Docker container

PH=$(echo '<password>' | docker run --rm -i datalust/seq config hash)

mkdir -p <local path to store data>

docker run \
  --name seq \
  -d \
  --restart unless-stopped \
  -e ACCEPT_EULA=Y \
  -e SEQ_FIRSTRUN_ADMINPASSWORDHASH="$PH" \
  -v <local path to store data>:/data \
  -p 80:80 \
  -p 5341:5341 \
  datalust/seq

This will start a Seq instance with:

  • --name seq to be able to run commands using the container name, e.g. docker stop seq
  • -d run in daemon mode (in the background), omit this argument to see container logs in stdout
  • --restart unless-stopped always restart the Seq docker container if it stops, except when you run docker stop seq
  • -e ACCEPT_EULA=Y to run Seq, you must accept the End User License Agreement
  • -e SEQ_FIRSTRUN_ADMINPASSWORDHASH="$PH" to set an initial password for the admin user account; replace <password> with your desired password; the first line above stores a cryptographic hash of the password into the environment variable $PH (bash syntax)
  • -v <local path to store data>:/data mounts <local path to store data> on the host machine to /data on the docker container - this is where Seq stores all its configuration and log files. Storing Seq data outside of the container means that Seq's log data and metadata persist beyond the life of the container, and don't increase the size of the docker container.
  • -p 80:80 map the host's localhost:80 to Seq UI and API (port 80)
  • -p 5341:5341 map the host's localhost:5341 to Seq's special ingestion-only port (port 5341). We recommend exposing the ingestion-only port separately.

The container can be stopped and started using the docker stop seq and docker start seq commands, respectively.

After running the command above, browse the Seq UI at http://localhost:80.

1920

The Seq web UI, showing a search bar and a list of most recent events in descending order.

Persistent volumes

The Seq Docker container stores configuration and log events in its /data directory. For this directory to survive container restarts, it needs to be mapped to a persistent volume using -v on the command-line, as in the example above.

Seq is a database; the volume provided to it should be equivalent to local disk storage, for example an Azure Disks VHD or an AWS EBS volume.

Only one running Seq container can access a storage volume concurrently: it's not possible to run two or more container instances pointing to the same storage.

Enabling authentication

If you specified an initial password for the admin account on the docker run command-line, authentication will already be enabled.

If not, your next step should be visiting Settings > Users and enabling authentication.

Ingesting events

Using logging and tracing libraries

Before you can benefit from Seq, your applications need to be configured to send events through one of the supported libraries.

  • Using Serilog - Serilog is a modern logging library for the .NET platform with deep support for structured event data. With the addition of SerilogTracing Serilog can also produce traces.
  • Using ASP.NET Core - the Microsoft.Extensions.Logging library included in ASP.NET Core works well with Seq.
  • Using OpenTelemetry - OpenTelemetry provides logging and tracing client libraries for all major programming languages.
  • Using Node.js - on Node.js, we support the Pino, Winston, and Bunyan logging libraries.
  • Seq integrates with a range of languages, libraries and frameworks, and has a simple HTTP API for receiving log data. Learn more about getting logs into Seq.

📘

If you're unsure where to start, we recommend Serilog.

Using CLI or HTTP

Your applications can also log events to Seq by tailing their output with the seqcli command-line client 

./my-app | seqcli ingest

or posting JSON directly to Seq:

curl -XPOST "http://your-seq-host/api/events/raw?clef" \
  -d "{'@t':'2018-06-07T03:44:57.8532799Z','@mt':'Hello, {User}','User':'alice'}"

Containerized services can also forward their logs to Seq natively using Docker's GELF (Graylog extended log format) log driver.

Changing the default ingestion port

Containers can expose the limited ingestion port in addition to, or instead of, the API port. In the container the ingestion port is mapped to 5341:

docker run \
  -e ACCEPT_EULA=Y \
  -v $HOST_PATH_TO_SEQ:/data \
  -p $HOST_HTTP_PORT:80 \
  -p $HOST_INGESTION_PORT:5341 \
  datalust/seq:latest

where:

  • $HOST_PATH_TO_SEQ is an absolute path on the container host for the Seq instance to use.
  • $HOST_INGESTION_PORT is a port on the host to expose the Seq ingestion endpoint on.

Running other Seq commands in a docker container

Any arguments specified after the datalust/seq:latest image in the docker run command will be passed as arguments to the Seq binary:

docker run \
  --rm \
  -e ACCEPT_EULA=Y \
  -v $HOST_PATH_TO_SEQ:/data \
  datalust/seq:latest version

where:

  • $HOST_PATH_TO_SEQ is an absolute path on the container host for the Seq instance to use.

Container environment

File paths

Important file paths used by Seq in the container.

ValueDescription
/dataLocation of Seq extents and logs

Ports

Important ports used by Seq in the container.

ValueDescription
:80The Seq HTTP API and UI
:443The API and UI, served over HTTPS (requires a TLS certificate)
:5341The ingestion-only HTTP API endpoint
:45341The ingestion-only endpoint, served over HTTPS (requires a TLS certificate)

Environment variables

Environment variables used by Seq in the container. For a full list of environment variables supported by the container, see the Server Configuration reference.

ValueDescription
ACCEPT_EULAMust be set to Y to indicate acceptance of the Seq EULA
SEQ_API_CANONICALURIThe external URI that can be used to reach Seq outside of the container
SEQ_FIRSTRUN_ADMINUSERNAMEA username for the default administrator account, used only when the container is first initialized; the default is admin
SEQ_FIRSTRUN_ADMINPASSWORDA less-secure alternative to SEQ_FIRSTRUN_ADMINPASSWORDHASH that accepts the default admin account password in plain text
SEQ_FIRSTRUN_ADMINPASSWORDHASHA salted, cryptographic hash of the default administrator password, used only when the container is first initialized; the default is to set no password; create the hash using docker run datalust/seq config hash and supply the password to STDIN

📘

Always set SEQ_FIRSTRUN_ADMINPASSWORD or SEQ_FIRSRUN_ADMINPASSWORDHASH

It's best-practice to keep one of these variables set, even after initial configuration.

If for any reason the Seq storage volume is lost or cleared, perhaps due to misconfiguration, or a hosting environment update, the Seq instance will be reinitialized with its default configuration.

Having a password set through one of these variables will ensure that the default configuration is always appropriately secured in this scenario.

What's next?

Once your apps are happily sending events to Seq, you can:

Happy logging!

Updated 7 months ago