elasticsearch Fluentd无法连接到Elasticsearch-[warn]:#0[Elasticsearch]无法连接Elasticsearch或获取版本。假设弹性搜索5
我正在尝试在baremetal Kubernetes上安装Fluentd,并将消息转发给ElasticSearch。 我想安装的Fluentd是“稳定/Fluentd--Version2.4.3”helm图表。 我的ElasticSearch拥有自定义tls证书,工作正常elasticsearch Fluentd无法连接到Elasticsearch-[warn]:#0[Elasticsearch]无法连接Elasticsearch或获取版本。假设弹性搜索5,elasticsearch,kubernetes,fluentd,elasticsearch,Kubernetes,Fluentd,我正在尝试在baremetal Kubernetes上安装Fluentd,并将消息转发给ElasticSearch。 我想安装的Fluentd是“稳定/Fluentd--Version2.4.3”helm图表。 我的ElasticSearch拥有自定义tls证书,工作正常 #### Steps to replicate bash-5.0# curl -u "elastic:636ByujI053Pl3Zu5E0ZsnG6" -k "https://escluster
#### Steps to replicate
bash-5.0# curl -u "elastic:636ByujI053Pl3Zu5E0ZsnG6" -k "https://escluster-es-http.elastic-system.svc.cluster.local:9200" | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 546 100 546 0 0 7280 0 --:--:-- --:--:-- --:--:-- 7280
{
"name": "escluster-es-default-0",
"cluster_name": "escluster",
"cluster_uuid": "0XnwElYuQICbi-QELvNjsw",
"version": {
"number": "7.8.0",
"build_flavor": "default",
"build_type": "docker",
"build_hash": "757314695644ea9a1dc2fecd26d1a43856725e65",
"build_date": "2020-06-14T19:35:50.234439Z",
"build_snapshot": false,
"lucene_version": "8.5.1",
"minimum_wire_compatibility_version": "6.8.0",
"minimum_index_compatibility_version": "6.0.0-beta1"
},
"tagline": "You Know, for Search"
}
bash-5.0#
我的fluentd配置是
...
output:
host: escluster-es-http.elastic-system.svc.cluster.local
port: 9200
scheme: https
sslVersion: TLSv1_2
buffer_chunk_limit: 2M
buffer_queue_limit: 8
env: {}
extraEnvVars:
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
name: escluster-es-elastic-user
key: elastic
extraVolumes:
- name: es-certs
secret:
defaultMode: 420
secretName: es-tls
extraVolumeMounts:
- name: es-certs
mountPath: /certs
readOnly: true
...
Fluentd已安装,但无法连接到ElasticSearch
吊舱日志:
devadmin@vdi-mk2-ubn:~/fluentd-stable$ kubectl logs fluentd-784b48c5c9-78cf4 -n elastic-system
2020-07-03 16:33:47 +0000 [info]: parsing config file is succeeded path="/etc/fluent/fluent.conf"
2020-07-03 16:33:47 +0000 [warn]: [elasticsearch] Could not connect Elasticsearch or obtain version. Assuming Elasticsearch 5.
2020-07-03 16:33:47 +0000 [info]: using configuration file: <ROOT>
<match fluent.**>
@type null
</match>
<source>
@type forward
port 24224
bind "0.0.0.0"
</source>
<match fluentd.**>
@type null
</match>
<source>
@type http
port 9880
bind "0.0.0.0"
</source>
<source>
@type monitor_agent
bind "0.0.0.0"
port 24220
tag "fluentd.monitor.metrics"
</source>
<match **>
@id elasticsearch
@type elasticsearch
@log_level "info"
include_tag_key true
host "escluster-es-http.elastic-system.svc.cluster.local"
port 9200
scheme http
ssl_version TLSv1_2
logstash_format true
validate_client_version false
<buffer>
@type "file"
path "/var/log/fluentd-buffers/kubernetes.system.buffer"
flush_mode interval
retry_type exponential_backoff
flush_thread_count 2
flush_interval 5s
retry_forever
retry_max_interval 30
chunk_limit_size 2M
queue_limit_length 8
overflow_action block
</buffer>
</match>
<system>
root_dir "/tmp/fluentd-buffers/"
</system>
</ROOT>
2020-07-03 16:33:47 +0000 [info]: starting fluentd-1.3.3 pid=1 ruby="2.3.3"
2020-07-03 16:33:47 +0000 [info]: spawn command to main: cmdline=["/usr/bin/ruby2.3", "-Eascii-8bit:ascii-8bit", "/usr/local/bin/fluentd", "--under-supervisor"]
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-concat' version '2.3.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-detect-exceptions' version '0.0.11'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-elasticsearch' version '3.0.2'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-kubernetes_metadata_filter' version '2.1.6'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-multi-format-parser' version '1.0.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-prometheus' version '1.3.0'
2020-07-03 16:33:48 +0000 [info]: gem 'fluent-plugin-systemd' version '1.0.1'
2020-07-03 16:33:48 +0000 [info]: gem 'fluentd' version '1.3.3'
2020-07-03 16:33:48 +0000 [info]: adding match pattern="fluent.**" type="null"
2020-07-03 16:33:48 +0000 [info]: adding match pattern="fluentd.**" type="null"
2020-07-03 16:33:48 +0000 [info]: adding match pattern="**" type="elasticsearch"
2020-07-03 16:33:48 +0000 [warn]: #0 [elasticsearch] Could not connect Elasticsearch or obtain version. Assuming Elasticsearch 5.
2020-07-03 16:33:48 +0000 [info]: adding source type="forward"
2020-07-03 16:33:48 +0000 [info]: adding source type="http"
2020-07-03 16:33:48 +0000 [info]: adding source type="monitor_agent"
2020-07-03 16:33:48 +0000 [info]: #0 starting fluentd worker pid=10 ppid=1 worker=0
2020-07-03 16:33:48 +0000 [info]: #0 listening port port=24224 bind="0.0.0.0"
2020-07-03 16:33:48 +0000 [info]: #0 fluentd worker is now running worker=0
devadmin@vdi-mk2 ubn:~/fluentd稳定$kubectl原木fluentd-784b48c5c9-78cf4-n弹性系统
2020-07-03 16:33:47+0000[信息]:解析配置文件成功路径=“/etc/fluent/fluent.conf”
2020-07-03 16:33:47+0000[警告]:[elasticsearch]无法连接elasticsearch或获取版本。假设弹性搜索5。
2020-07-03 16:33:47+0000[信息]:使用配置文件:
@类型null
@打字前进
端口24224
绑定“0.0.0.0”
@类型null
@键入http
端口9880
绑定“0.0.0.0”
@类型监视器\u代理
绑定“0.0.0.0”
端口24220
标记“fluentd.monitor.metrics”
@id弹性搜索
@类型弹性搜索
@日志级别“信息”
包含标记键为真
主机“escluster es http.elastic system.svc.cluster.local”
端口9200
方案http
ssl_版本TLSv1_2
logstash_格式为true
验证客户端版本错误
@键入“文件”
路径“/var/log/fluentd buffers/kubernetes.system.buffer”
刷新模式间隔
重试\u类型指数\u回退
齐平螺纹数2
冲洗间隔5s
永远重试
重试\u最大\u间隔30
块大小限制为2M
队列长度限制8
溢出动作块
根目录“/tmp/fluentd buffers/”
2020-07-03 16:33:47+0000[信息]:启动fluentd-1.3.3 pid=1 ruby=“2.3.3”
2020-07-03 16:33:47+0000[信息]:将命令生成到main:cmdline=[“/usr/bin/ruby2.3”、“-Eascii-8bit:ascii-8bit”、“/usr/local/bin/fluentd”、“--在主管下”]
2020-07-03 16:33:48+0000[信息]:gem“fluent plugin concat”版本“2.3.0”
2020-07-03 16:33:48+0000[信息]:gem“fluent插件检测异常”版本“0.0.11”
2020-07-03 16:33:48+0000[信息]:gem“fluent plugin elasticsearch”版本“3.0.2”
2020-07-03 16:33:48+0000[信息]:gem“fluent-plugin-kubernetes\u元数据\u过滤器”版本“2.1.6”
2020-07-03 16:33:48+0000[信息]:gem“fluent plugin多格式解析器”版本“1.0.0”
2020-07-03 16:33:48+0000[信息]:gem“流畅插件普罗米修斯”版本“1.3.0”
2020-07-03 16:33:48+0000[信息]:gem“fluent plugin systemd”版本“1.0.1”
2020-07-03 16:33:48+0000[信息]:gem“fluentd”版本“1.3.3”
2020-07-03 16:33:48+0000[信息]:添加匹配模式
2020-07-03 16:33:48+0000[信息]:添加匹配模式
2020-07-03 16:33:48+0000[信息]:添加匹配模式=“**”type=“elasticsearch”
2020-07-03 16:33:48+0000[警告]:#0[elasticsearch]无法连接elasticsearch或获取版本。假设弹性搜索5。
2020-07-03 16:33:48+0000[信息]:添加源类型=“前进”
2020-07-03 16:33:48+0000[信息]:添加源类型=“http”
2020-07-03 16:33:48+0000[信息]:添加源类型=“监控代理”
2020-07-03 16:33:48+0000[信息]:#0启动fluentd worker pid=10 ppid=1 worker=0
2020-07-03 16:33:48+0000[信息]:#0侦听端口端口=24224 bind=“0.0.0.0”
2020-07-03 16:33:48+0000[信息]:#0 fluentd worker正在运行worker=0
你能告诉我我遗漏了什么吗
感谢和问候您的Elasticsearch群集似乎已启用ssl。Fluentd还需要通过ssl连接elastic,看起来您的Elasticsearch群集已启用ssl。Fluentd还需要通过ssl连接elastic两件事:包含es证书的
挂载路径:
在fluent.conf中似乎没有被引用,第二件事是在curl
测试中使用-k
,您需要尝试使用/certs
中的证书,以确保即使在您修复fluent之后,它们也可以对齐。Conf您是否使用Minikube或Kubeadm以及Kubernetes的哪个版本?你设置了防火墙规则吗?有两件事:包含es证书的挂载路径:
在你的fluent.conf中似乎没有被引用,第二件事是在curl
测试中不使用-k
,你要尝试使用/certs
中的证书,以确保它们可能对齐,即使修复了fluent.conf,您是否使用Minikube或Kubeadm以及什么Kubernetes版本?你设置了防火墙规则吗?