The logs generated by Docker containers are scattered in different isolated containers, and the container has the characteristics of "ready to use". The traditional solution is to mount the log files to the host, but the containers often drift, bringing challenges to the unified view of the log, while the traditional Docker container log analysis system has the problems of weak expansibility and low efficiency. This study uses Kubernetes to implement container management, service discovery and scheduling, uses Filebeat to collect log files on containers and host computers, Redis as a cache, Logstash forwarding, and uses the mainstream open source log collection system ELK to store, view, and retrieve log. The system has the characteristics of real time, reliability and extensibility, and improves the efficiency of operation and maintenance personnel.