<img src="//i.stack.imgur.com/RUiNP.png" height="16" width="18" alt="" class="sponsor tag img">elasticsearch Fluentd无法连接到Elasticsearch-[warn]：#0[Elasticsearch]无法连接Elasticsearch或获取版本。假设弹性搜索5_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Kubernetes_Fluentd

elasticsearch Fluentd无法连接到Elasticsearch-[warn]：#0[Elasticsearch]无法连接Elasticsearch或获取版本。假设弹性搜索5

kubernetes

elasticsearch Fluentd无法连接到Elasticsearch-[warn]：#0[Elasticsearch]无法连接Elasticsearch或获取版本。假设弹性搜索5,elasticsearch,kubernetes,fluentd,elasticsearch,Kubernetes,Fluentd,我正在尝试在baremetal Kubernetes上安装Fluentd，并将消息转发给ElasticSearch。我想安装的Fluentd是“稳定/Fluentd--Version2.4.3”helm图表。我的ElasticSearch拥有自定义tls证书，工作正常 #### Steps to replicate bash-5.0# curl -u "elastic:636ByujI053Pl3Zu5E0ZsnG6" -k "https://escluster

我正在尝试在baremetal Kubernetes上安装Fluentd，并将消息转发给ElasticSearch。我想安装的Fluentd是“稳定/Fluentd--Version2.4.3”helm图表。我的ElasticSearch拥有自定义tls证书，工作正常

#### Steps to replicate
bash-5.0# curl -u "elastic:636ByujI053Pl3Zu5E0ZsnG6" -k "https://escluster-es-http.elastic-system.svc.cluster.local:9200" | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   546  100   546    0     0   7280      0 --:--:-- --:--:-- --:--:--  7280
{
  "name": "escluster-es-default-0",
  "cluster_name": "escluster",
  "cluster_uuid": "0XnwElYuQICbi-QELvNjsw",
  "version": {
    "number": "7.8.0",
    "build_flavor": "default",
    "build_type": "docker",
    "build_hash": "757314695644ea9a1dc2fecd26d1a43856725e65",
    "build_date": "2020-06-14T19:35:50.234439Z",
    "build_snapshot": false,
    "lucene_version": "8.5.1",
    "minimum_wire_compatibility_version": "6.8.0",
    "minimum_index_compatibility_version": "6.0.0-beta1"
  },
  "tagline": "You Know, for Search"
}
bash-5.0#

我的fluentd配置是

...
output:
  host: escluster-es-http.elastic-system.svc.cluster.local
  port: 9200
  scheme: https
  sslVersion: TLSv1_2
  buffer_chunk_limit: 2M
  buffer_queue_limit: 8

env: {}

extraEnvVars:
  - name: ELASTIC_PASSWORD
    valueFrom:
      secretKeyRef:
        name: escluster-es-elastic-user
        key: elastic
extraVolumes:
  - name: es-certs
    secret:
      defaultMode: 420
      secretName: es-tls
extraVolumeMounts:
  - name: es-certs
    mountPath: /certs
    readOnly: true
...

Fluentd已安装，但无法连接到ElasticSearch

吊舱日志：

devadmin@vdi-mk2-ubn:~/fluentd-stable$ kubectl logs fluentd-784b48c5c9-78cf4 -n elastic-system
2020-07-03 16:33:47 +0000 [info]: parsing config file is succeeded path="/etc/fluent/fluent.conf"
2020-07-03 16:33:47 +0000 [warn]: [elasticsearch] Could not connect Elasticsearch or obtain version. Assuming Elasticsearch 5.
2020-07-03 16:33:47 +0000 [info]: using configuration file: <ROOT>
  <match fluent.**>
    @type null
  </match>
  <source>
    @type forward
    port 24224
    bind "0.0.0.0"
  </source>
  <match fluentd.**>
    @type null
  </match>
  <source>
    @type http
    port 9880
    bind "0.0.0.0"
  </source>
  <source>
    @type monitor_agent
    bind "0.0.0.0"
    port 24220
    tag "fluentd.monitor.metrics"
  </source>
  <match **>
    @id elasticsearch
    @type elasticsearch
    @log_level "info"
    include_tag_key true
    host "escluster-es-http.elastic-system.svc.cluster.local"
    port 9200
    scheme http
    ssl_version TLSv1_2
    logstash_format true
    validate_client_version false
    <buffer>
      @type "file"
      path "/var/log/fluentd-buffers/kubernetes.system.buffer"
      flush_mode interval
      retry_type exponential_backoff
      flush_thread_count 2
      flush_interval 5s
      retry_forever
      retry_max_interval 30
      chunk_limit_size 2M
      queue_limit_length 8
      overflow_action block
    </buffer>
  </match>
  <system>
    root_dir "/tmp/fluentd-buffers/"
  </system>
</ROOT>
2020-07-03 16:33:47 +0000 [info]: starting fluentd-1.3.3 pid=1 ruby="2.3.3"
2020-07-03 16:33:47 +0000 [info]: spawn command to main:  cmdline=["/usr/bin/ruby2.3", "-Eascii-8bit:ascii-8bit", "/usr/local/bin/fluentd", "--under-supervisor"]
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-concat' version '2.3.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-detect-exceptions' version '0.0.11'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-elasticsearch' version '3.0.2'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-kubernetes_metadata_filter' version '2.1.6'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-multi-format-parser' version '1.0.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-prometheus' version '1.3.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-systemd' version '1.0.1'
2020-07-03 16:33:48 +0000 [info]: gem 'fluentd' version '1.3.3'
2020-07-03 16:33:48 +0000 [info]: adding match pattern="fluent.**" type="null"
2020-07-03 16:33:48 +0000 [info]: adding match pattern="fluentd.**" type="null"
2020-07-03 16:33:48 +0000 [info]: adding match pattern="**" type="elasticsearch"
2020-07-03 16:33:48 +0000 [warn]: #0 [elasticsearch] Could not connect Elasticsearch or obtain version. Assuming Elasticsearch 5.
2020-07-03 16:33:48 +0000 [info]: adding source type="forward"
2020-07-03 16:33:48 +0000 [info]: adding source type="http"
2020-07-03 16:33:48 +0000 [info]: adding source type="monitor_agent"
2020-07-03 16:33:48 +0000 [info]: #0 starting fluentd worker pid=10 ppid=1 worker=0
2020-07-03 16:33:48 +0000 [info]: #0 listening port port=24224 bind="0.0.0.0"
2020-07-03 16:33:48 +0000 [info]: #0 fluentd worker is now running worker=0

devadmin@vdi-mk2 ubn:~/fluentd稳定$kubectl原木fluentd-784b48c5c9-78cf4-n弹性系统
2020-07-03 16:33:47+0000[信息]：解析配置文件成功路径=“/etc/fluent/fluent.conf”
2020-07-03 16:33:47+0000[警告]：[elasticsearch]无法连接elasticsearch或获取版本。假设弹性搜索5。
2020-07-03 16:33:47+0000[信息]：使用配置文件：
@类型null
@打字前进
端口24224
绑定“0.0.0.0”
@类型null
@键入http
端口9880
绑定“0.0.0.0”
@类型监视器\u代理
绑定“0.0.0.0”
端口24220
标记“fluentd.monitor.metrics”
@id弹性搜索
@类型弹性搜索
@日志级别“信息”
包含标记键为真
主机“escluster es http.elastic system.svc.cluster.local”
端口9200
方案http
ssl_版本TLSv1_2
logstash_格式为true
验证客户端版本错误
@键入“文件”
路径“/var/log/fluentd buffers/kubernetes.system.buffer”
刷新模式间隔
重试\u类型指数\u回退
齐平螺纹数2
冲洗间隔5s
永远重试
重试\u最大\u间隔30
块大小限制为2M
队列长度限制8
溢出动作块
根目录“/tmp/fluentd buffers/”
2020-07-03 16:33:47+0000[信息]：启动fluentd-1.3.3 pid=1 ruby=“2.3.3”
2020-07-03 16:33:47+0000[信息]：将命令生成到main:cmdline=[“/usr/bin/ruby2.3”、“-Eascii-8bit:ascii-8bit”、“/usr/local/bin/fluentd”、“--在主管下”]
2020-07-03 16:33:48+0000[信息]：gem“fluent plugin concat”版本“2.3.0”
2020-07-03 16:33:48+0000[信息]：gem“fluent插件检测异常”版本“0.0.11”
2020-07-03 16:33:48+0000[信息]：gem“fluent plugin elasticsearch”版本“3.0.2”
2020-07-03 16:33:48+0000[信息]：gem“fluent-plugin-kubernetes\u元数据\u过滤器”版本“2.1.6”
2020-07-03 16:33:48+0000[信息]：gem“fluent plugin多格式解析器”版本“1.0.0”
2020-07-03 16:33:48+0000[信息]：gem“流畅插件普罗米修斯”版本“1.3.0”
2020-07-03 16:33:48+0000[信息]：gem“fluent plugin systemd”版本“1.0.1”
2020-07-03 16:33:48+0000[信息]：gem“fluentd”版本“1.3.3”
2020-07-03 16:33:48+0000[信息]：添加匹配模式
2020-07-03 16:33:48+0000[信息]：添加匹配模式
2020-07-03 16:33:48+0000[信息]：添加匹配模式=“**”type=“elasticsearch”
2020-07-03 16:33:48+0000[警告]：#0[elasticsearch]无法连接elasticsearch或获取版本。假设弹性搜索5。
2020-07-03 16:33:48+0000[信息]：添加源类型=“前进”
2020-07-03 16:33:48+0000[信息]：添加源类型=“http”
2020-07-03 16:33:48+0000[信息]：添加源类型=“监控代理”
2020-07-03 16:33:48+0000[信息]：#0启动fluentd worker pid=10 ppid=1 worker=0
2020-07-03 16:33:48+0000[信息]：#0侦听端口端口=24224 bind=“0.0.0.0”
2020-07-03 16:33:48+0000[信息]：#0 fluentd worker正在运行worker=0

你能告诉我我遗漏了什么吗

感谢和问候

您的Elasticsearch群集似乎已启用ssl。Fluentd还需要通过ssl连接elastic，看起来您的Elasticsearch群集已启用ssl。Fluentd还需要通过ssl连接elastic

两件事：包含es证书的

挂载路径：

在fluent.conf中似乎没有被引用，第二件事是在

curl

测试中使用

-k

，您需要尝试使用

/certs

中的证书，以确保即使在您修复fluent之后，它们也可以对齐。Conf您是否使用Minikube或Kubeadm以及Kubernetes的哪个版本？你设置了防火墙规则吗？有两件事：包含es证书的

挂载路径：

在你的fluent.conf中似乎没有被引用，第二件事是在

curl

测试中不使用

-k

，你要尝试使用

/certs

中的证书，以确保它们可能对齐，即使修复了fluent.conf，您是否使用Minikube或Kubeadm以及什么Kubernetes版本？你设置了防火墙规则吗？