Jochen
Yes I agree, the issue is apparently well known in the Docker world
*What is basically happening is that when my laptop hibernates or goes to
sleep, the Docker runtime loses track of time*
this my be a Hyper-V issue and/or the way Docker works under Hyper V
*when the laptop 'awakes' then Windows re-syncs with the correct time - but
Docker doesn't*
as a consequence the containers running inside Docker also lose track of
time
It seems the solution isn't that simple, I need to find a way to make
Docker itself re-sync with an external time source, it doesn't pick up the
time from Windows
It looks like a lot of 'faff' to make the Docker machine or VM call a time
server
It's worth knowing that this is a significant issue when running Graylog in
a Docker VM on Windows
IF I find a solution I will let you know
On Thursday, December 15, 2016 at 8:33:12 PM UTC, Jochen Schalanda wrote:
>
> Hi Mike,
>
> this totally sounds like a problem with the system time on/in the virtual
> machine you're running Docker in.
>
> Check that the system time in your VM is correct and synched with the host
> system.
>
> Cheers,
> Jochen
>
> On Thursday, 15 December 2016 19:51:23 UTC+1, Mike Norris wrote:
>>
>> Hi
>>
>> I have docker running on my laptop Microsoft Surface/Windows 10
>>
>> Graylog is running as 3 x containers inside Docker (1 = mongo db, 2 =
>> elasticsearch, 3 = graylog itself)
>>
>> I am sending in messages using HTTP Gelf
>>
>> My messages are mismatched in the wrong timezone/timestamp
>>
>> *It seems the issue is the timezone(s) used by the docker containers
>> themselves*
>>
>> e.g. the docker container shows Wed Dec 14 22:45:22 UTC 2016 as the time
>> e.g. the actual time on my laptop is Thu Dec 15 18:43:00
>>
>> So docker is #behind the time' by best part of a day
>>
>> I've tried amending the GRAYLOG_TIMEZONE to Europe/London in my config
>> file
>>
>> But docker keeps being the 'master' if you like, time whenever I search
>> is shown in the past
>>
>> e.g. I can send a message in right now and do a RELATIVE search for last
>> 15 mins say
>>
>> This draws a histogram that shows there are message; but the timeline is
>> all wrong
>>
>> The timeline is Docker's own time 22.45 (10.45pm) on Weds 14th not the
>> real time of Thurs 15th at 18:43
>>
>> So how do I get the graylog container (and elasticsearch and mongo) to
>> line up with the real time on my laptop ?
>>
>> *I get the docker time by entering this command*
>>
>> docker exec -it {container-id] date
>>
>>
>>
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/cc70ae8c-1780-4321-ae32-8f9e6e389bcd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
