小贝子编程

Logstash 在通过 URL 'http://elasticsearch:9200/ 联系 Elasticsearch '401'获得响应代码



我正试图在docker环境中设置一个ELK堆栈,但到目前为止,我在Logstash方面运气不佳。我已经让Kibana+Elastic运行并相互连接,但无法让logstash工作。我一开始尝试过不同的配置和github转发,但似乎都不起作用。

我得到以下错误:

[logstash.licenseccer.licensereader]试图恢复与已死亡ES实例的连接,但出现错误{:url=>"http://elasticsearch:9200/"exception=>LogStash::输出::ElasticSearch::HttpClient::Pool::BadResponseCodeError,:message=>quot;在URL上联系Elasticsearch时收到响应代码"401"http://elasticsearch:9200/"}

我得到的另一件事是:

〔2022-09-12T13:16:18558〕〔ERROR〕〔logstash.monioning.internalpipelinesource〕无法从Elasticsearch获取X-Pack信息。这可能是由于无法访问活动的Elasticsearch集群。

我的docker组成是:

version: '3.8'
services:
server:
build:
context: ./
target: dev
volumes:
- .:/src
command: npm run dev
container_name: server
ports:
- "${NODE_PORT}:${NODE_PORT}"
environment:
NODE_ENV: development
DEBUG: nodejs-docker-express:*
networks:
- network-name
kibana:
build:
context: ./docker/kibana/
args:
ELASTIC_PORT: ${ELASTIC_PORT}
ELASTIC_VERSION: ${ELASTIC_VERSION}
container_name: kibana
ports:
- "${KIBANA_PORT}:${KIBANA_PORT}"
volumes:
- ./docker/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro,Z
environment:
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD}
ELASTIC_PORT: ${ELASTIC_PORT}
networks:
- network-name
elasticsearch:
build:
context: ./docker/elasticsearch/
args: 
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./docker/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro,z
- ./docker/elasticsearch/data:/usr/share/elasticsearch/data:z
container_name: elasticsearch
ports:
- "${ELASTIC_PORT}:${ELASTIC_PORT}"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-}
discovery.type: single-node
networks:
- network-name
logstash:
build:
context: ./docker/logstash/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./docker/logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
container_name: logstash
environment:
ELASTIC_VERSION: ${ELASTIC_VERSION}
ELASTIC_PORT: ${ELASTIC_PORT}
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD}
ports:
- "5044:5044"
- "50000:50000/tcp"
- "50000:50000/udp"
- "9600:9600"
networks:
- network-name
networks:
network-name:
name: "network-name"
driver_opts:
icc: "true"
driver: bridge

的logstash.conf

input {
tcp {
port => 5000
type => syslog
}
}
## Add your filters / logstash plugins configuration here
output {
elasticsearch { 
hosts => ["elasticsearch:9200"]
user => "elastic"
password => "dxAq9YLjR23VqcA4oS1I"
#ssl => true
ssl_certificate_verification => false
timeout => 240
#cacert => '${LS_HOME}/config/ssl/ca.pem'
}
stdout { codec => rubydebug }
}

logstash.yml

http.host: "0.0.0.0"
config.reload.automatic: true
log.level: debug
queue.type: persisted
queue.max_bytes: 1gb
queue.checkpoint.writes: 1

ENV文件


#ELK CONFIG
ELASTIC_PORT=9200
ELASTIC_PASSWORD=dxAq9YLjR23VqcA4oS1I
ELASTIC_VERSION=8.4.0
#KIBANA
KIBANA_PORT=5601
KIBANA_SYSTEM_PASSWORD=1cDUbBrO8XRosNoayRpy
#BEATS
#LOGSTASH
LOGSTASH_INTERNAL_PASSWORD=C9i0SgSq3loKYbdooKTV

我不明白我做错了什么。我已经为所有用户生成了好几次新密码,重建了容器,但logstash似乎什么都不起作用:(

Tldr

Elasticsearch服务不在同一网络上。

CCD_ 1在CCD_ 2上。kibanalogstashtower-defense

然后在elasticsearch服务的环境中,您可以参考${ELASTIC_PASSWORD:-}来获得弹性。。。这不是打字错误吗?

解决方案

version: '3.8'
services:
server:
build:
context: ./
target: dev
volumes:
- .:/src
command: npm run dev
container_name: server
ports:
- "${NODE_PORT}:${NODE_PORT}"
environment:
NODE_ENV: development
DEBUG: nodejs-docker-express:*
networks:
- network-name
kibana:
build:
context: ./docker/kibana/
args:
ELASTIC_PORT: ${ELASTIC_PORT}
ELASTIC_VERSION: ${ELASTIC_VERSION}
container_name: kibana
ports:
- "${KIBANA_PORT}:${KIBANA_PORT}"
volumes:
- ./docker/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro,Z
environment:
KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD}
ELASTIC_PORT: ${ELASTIC_PORT}
networks:
- tower-defense
elasticsearch:
build:
context: ./docker/elasticsearch/
args: 
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./docker/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro,z
- ./docker/elasticsearch/data:/usr/share/elasticsearch/data:z
container_name: elasticsearch
ports:
- "${ELASTIC_PORT}:${ELASTIC_PORT}"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
discovery.type: single-node
networks:
- tower-defense
logstash:
build:
context: ./docker/logstash/
args:
ELASTIC_VERSION: ${ELASTIC_VERSION}
volumes:
- ./docker/logstash/pipeline:/usr/share/logstash/pipeline:ro,Z
container_name: logstash
environment:
ELASTIC_VERSION: ${ELASTIC_VERSION}
ELASTIC_PORT: ${ELASTIC_PORT}
LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD}
ports:
- "5044:5044"
- "50000:50000/tcp"
- "50000:50000/udp"
- "9600:9600"
networks:
- tower-defense
networks:
tower-defense:
name: "network-name"
driver_opts:
icc: "true"
driver: bridge

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium