Datadog Live Containers enables real-time visibility into all containers across your environment.
Taking inspiration from bedrock tools like htop, ctop, and kubectl, live containers give you complete coverage of your container infrastructure in a continuously updated table with resource metrics at two-second resolution, faceted search, and streaming container logs.
Coupled with Docker, Kubernetes, ECS, and other container technologies, plus built-in tagging of dynamic components, the live container view provides a detailed overview of your containers' health, resource consumption, logs, and deployment in real time:
To see your live containers, navigate to the Containers page. This automatically brings you to the Containers view.
See the Live Containers Configuration documentation for detailed configuration steps for Helm and DaemonSets.
Containers are, by their nature, extremely high cardinality objects. Datadog’s flexible string search matches substrings in the container name, ID, or image fields.
If you’ve enabled Kubernetes Resources, strings such as pod, deployment, ReplicaSet, and service name, as well as Kubernetes labels are searchable in a Kubernetes Resources view.
To combine multiple string searches into a complex query, you can use any of the following Boolean operators:
ANDjava AND elasticsearchORjava OR pythonNOT / !NOT or ! character to perform the same operationjava NOT elasticsearch or java !elasticsearchUse parentheses to group operators together. For example, (NOT (elasticsearch OR kafka) java) OR python.
The screenshot below displays a system that has been filtered down to a Kubernetes cluster of 25 nodes. RSS and CPU utilization on containers is reported compared to the provisioned limits on the containers, when they exist. Here, it is apparent that the containers in this cluster are over-provisioned. You could use tighter limits and bin packing to achieve better utilization of resources.
Container environments are dynamic and can be hard to follow. The following screenshot displays a view that has been pivoted by kube_service and host—and, to reduce system noise, filtered to kube_namespace:default. You can see what services are running where, and how saturated key metrics are:
You could pivot by ECS ecs_task_name and ecs_task_version to understand changes to resource utilization between updates.
For Kubernetes resources, select Datadog tags such as environment, service, or pod_phase to filter by. You can also use the container facets on the left to filter a specific Kubernetes resource. Group pods by Datadog tags to get an aggregated view which allows you to find information quicker. You can search Kubernetes labels, but they are not available in the cluster map.
Containers are tagged with all existing host-level tags, as well as with metadata associated with individual containers.
All containers are tagged by image_name, including integrations with popular orchestrators, such as ECS and Kubernetes, which provide further container-level tags. Additionally, each container is decorated with Docker, ECS, or Kubernetes icons so you can tell which are being orchestrated at a glance.
ECS containers are tagged by:
task_nametask_versionecs_clusterKubernetes containers are tagged by:
pod_namekube_pod_ipkube_servicekube_namespacekube_replica_setkube_daemon_setkube_jobkube_deploymentkube_clusterIf you have a configuration for Unified Service Tagging in place, env, service, and version is picked up automatically.
Having these tags available lets you tie together APM, logs, metrics, and live container data.
The Containers view includes Scatter Plot and Timeseries views, and a table to better organize your container data by fields such as container name, status, and start time.
Use the scatter plot analytic to compare two metrics with one another in order to better understand the performance of your containers.
You can switch between the “Scatter Plot” and “Timeseries” tabs in the collapsible Summary Graphs section in the Containers page:
By default, the graph groups by the short_image tag key. The size of each dot represents the number of containers in that group, and clicking on a dot displays the individual containers and hosts that contribute to the group.
The query at the top of the scatter plot analytic allows you to control your scatter plot analytic:
While actively working with the containers page, metrics are collected at a 2-second resolution. This is important for highly volatile metrics such as CPU. In the background, for historical context, metrics are collected at 10s resolution.
If you have enabled Kubernetes Resources for Live Containers, toggle among the Clusters, Pods, Deployments, ReplicaSets, DaemonSets, StatefulSets, Services, CronJobs, Jobs, and Nodes views in the “Select a resource” dropdown menu in the top left corner of the page.
Each of these views includes a data table to help you better organize your data by field such as status, name, and Kubernetes labels, and a detailed Cluster Map to give you a bigger picture of your pods and Kubernetes clusters.
Group pods by tags or Kubernetes labels to get an aggregated view which allows you to find information quicker. You can perform a group by using the “Group by” bar on the top right of the page or by clicking on a particular tag or label and locating the group by function in the context menu as shown below.
You can also leverage facets on the left hand side of the page to quickly group resources or filter for resources you care most about, such as pods with a CrashLoopBackOff pod status.
A Kubernetes Cluster Map gives you a bigger picture of your pods and Kubernetes clusters. You can see all of your resources together on one screen with customized groups and filters, and choose which metrics to fill the color of the pods by.
Drill down into resources from Cluster Maps by click on any circle or group to populate a detailed panel.
You can see all of your resources together on one screen with customized groups and filters, and choose which metrics to fill the color of the pods by.
Click on any row in the table or on any object in a Cluster Map to view information about a specific resource in a side panel.
For a detailed dashboard of this resource, click the View Dashboard in the top right corner of this panel.
This panel is useful for troubleshooting and finding information about a selected container or resource, such as:
DNS or ip_type, or use the Group by filter in this view to group network data by tags, like pod_name or service.Kubernetes Resources views have a few additional tabs:
For a detailed dashboard of this resource, click the View Dashboard in the top right corner of this panel.
The Resource Utilization tab is to the right of to the Cluster Map tab.
This tab displays your CPU and memory usage over time. This information helps you detect where resources may be over- or under-provisioned.
Click on any row in the table to view informatiion about a specific resource in a side panel.
In the above screenshot, pods are grouped by cluster name. The side panel is opened for pods within a particular cluster. Average CPU and memory usage for these pods is displayed.
View streaming logs for any container like docker logs -f or kubectl logs -f in Datadog. Click any container in the table to inspect it. Click the Logs tab to see real-time data from live tail or indexed logs for any time in the past.
With live tail, all container logs are streamed. Pausing the stream allows you to easily read logs that are quickly being written; unpause to continue streaming.
Streaming logs can be searched with simple string matching. See Live Tail for more details.
Note: Streaming logs are not persisted, and entering a new search or refreshing the page clears the stream.
You can see indexed logs that you have chosen to index and persist by selecting a corresponding timeframe. Indexing allows you to filter your logs using tags and facets. For example, to search for logs with an Error status, type status:error into the search box. Autocompletion can help you locate the particular tag that you want. Key attributes about your logs are already stored in tags, which enables you to search, filter, and aggregate as needed.
health value is the containers' readiness probe, not its liveness probe.
