Logstash-RabbitMQ连接超时错误
我在2个节点上安装了logstash,以将日志发送到RabbitMQ。SSL在RabbitMQ侦听5671端口上配置。我已将这两个日志存储配置为将日志推送到5671端口上的rabbitmq服务器 这是我的配置Logstash-RabbitMQ连接超时错误,rabbitmq,logstash,logstash-forwarder,Rabbitmq,Logstash,Logstash Forwarder,我在2个节点上安装了logstash,以将日志发送到RabbitMQ。SSL在RabbitMQ侦听5671端口上配置。我已将这两个日志存储配置为将日志推送到5671端口上的rabbitmq服务器 这是我的配置 input { file { path => "/var/log/messages" start_position => "beginning" } } filter { grok { match => { "message"
input {
file {
path => "/var/log/messages"
start_position => "beginning"
}
}
filter {
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:system_auth_timestamp} %{SYSLOGHOST:system_auth_hostname} %{GREEDYDATA:command_issued}: %{GREEDYDATA:message}" }
add_tag => "syslog"
}
}
output {
rabbitmq {
exchange => "elasticsearch-exchange"
exchange_type => "direct"
key => "logstash-routing_key"
ssl => true
#verify_ssl => true
ssl_certificate_password => 'Password'
ssl_certificate_path => 'certfile'
ssl_version => "TLSv1.2"
host => "10.2.0.0"
vhost => "es_vhost"
durable => true
persistent => true
port => 5671
user => "admin"
password => "password"
heartbeat => "5"
}
stdout {
codec => rubydebug
}
}
{:timestamp=>"2017-12-26T07:22:32.708000+0000", :message=>"Pipeline aborted due to error", :exception=>java.util.concurrent.TimeoutException, :backtrace=>["com.rabbitmq.utility.BlockingCell.get(com/rabbitmq/utility/BlockingCell.java:77)", "com.rabbitmq.utility.BlockingCell.uninterruptibleGet(com/rabbitmq/utility/BlockingCell.java:111)", "com.rabbitmq.utility.BlockingValueOrException.uninterruptibleGetValue(com/rabbitmq/utility/BlockingValueOrException.java:37)", "com.rabbitmq.client.impl.AMQChannel$BlockingRpcContinuation.getReply(com/rabbitmq/client/impl/AMQChannel.java:367)", "com.rabbitmq.client.impl.AMQConnection.start(com/rabbitmq/client/impl/AMQConnection.java:293)", "com.rabbitmq.client.ConnectionFactory.newConnection(com/rabbitmq/client/ConnectionFactory.java:648)", "com.rabbitmq.client.ConnectionFactory.newConnection(com/rabbitmq/client/ConnectionFactory.java:678)", "java.lang.reflect.Method.invoke(java/lang/reflect/Method.java:498)", "RUBY.new_connection_impl(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare/session.rb:505)", "org.jruby.RubyProc.call(org/jruby/RubyProc.java:281)", "RUBY.converting_rjc_exceptions_to_ruby(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare/session.rb:467)", "RUBY.new_connection_impl(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare/session.rb:500)", "RUBY.initialize(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare/session.rb:136)", "RUBY.connect(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare/session.rb:109)", "RUBY.connect(/opt/logstash/vendor/bundle/jruby/1.9/gems/march_hare-2.15.0-java/lib/march_hare.rb:20)", "RUBY.connect(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-mixin-rabbitmq_connection-4.1.1-java/lib/logstash/plugin_mixins/rabbitmq_connection.rb:174)", "RUBY.connect!(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-mixin-rabbitmq_connection-4.1.1-java/lib/logstash/plugin_mixins/rabbitmq_connection.rb:131)", "RUBY.register(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-rabbitmq-3.1.0-java/lib/logstash/outputs/rabbitmq.rb:40)", "RUBY.register(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/output_delegator.rb:75)", "RUBY.start_workers(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:181)", "org.jruby.RubyArray.each(org/jruby/RubyArray.java:1613)", "RUBY.start_workers(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:181)", "RUBY.run(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:136)", "RUBY.start_pipeline(/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/agent.rb:473)", "java.lang.Thread.run(java/lang/Thread.java:745)"], :level=>:error}
{:timestamp=>"2017-12-26T07:22:35.710000+0000", :message=>"stopping pipeline", :id=>"main"}
=INFO REPORT==== 27-Dec-2017::05:44:27 ===
accepting AMQP connection <0.1228.0> (10.2.0.0:42187 -> 10.24.168.17:5601)
=WARNING REPORT==== 27-Dec-2017::05:44:35 ===
closing AMQP connection <0.1228.0> (10.2.0.0:42187 -> 10.24.168.17:5601):
client unexpectedly closed TCP connection
=信息报告===2017年12月27日::05:44:27===
接受AMQP连接(10.2.0.0:42187->10.24.168.17:5601)
=警告报告===2017年12月27日::05:44:35===
关闭AMQP连接(10.2.0.0:42187->10.24.168.17:5601):
客户端意外地关闭了TCP连接
% This file managed by Puppet
% Template Path: rabbitmq/templates/rabbitmq.config
[
{rabbit, [
{cluster_nodes, {[rabbit@node01, rabbitmq@node02, rabbit@node03], disc}},
{cluster_partition_handling, ignore},
{tcp_listen_options,
[binary,
{packet, raw},
{reuseaddr, true},
{backlog, 128},
{nodelay, true},
{exit_on_close, false}]
},
{default_user, <<"admin">>},
{default_pass, <<"passowrd">>},
{handshake_timeout, 60000},
{tcp_listeners, []},
{ssl_listeners, [5671]},
{ssl_options, [{cacertfile,"/etc/rabbitmq/ssl_cert/testca/cacert.pem"},
{certfile,"/etc/rabbitmq/ssl_cert/server/cert.pem"},
{keyfile,"/etc/rabbitmq/ssl_cert/server/key.pem"},
{password, "Password"},
{verify,verify_peer},
{versions, ['tlsv1.2']},
{fail_if_no_peer_cert,false}]},
{ssl_handshake_timeout, 5000}
{log_levels, [{autocluster, debug}, {connection, info}]}
]},
{kernel, [
]},
{rabbitmq_management, [
{listener, [
{port, 15672}
]}
]}
].
% EOF
%此文件由Puppet管理
%模板路径:rabbitmq/templates/rabbitmq.config
[
{兔子[
{cluster_节点{[rabbit@node01, rabbitmq@node02, rabbit@node03],disc},
{集群\分区\处理,忽略},
{tcp_侦听_选项,
[二进制,
{数据包,原始},
{reuseaddr,true},
{backlog,128},
{nodelay,对},
{exit_on_close,false}]
},
{默认用户,},
{default_pass,},
{握手超时,60000},
{tcp_侦听器,[]},
{ssl_侦听器,[5671]},
{ssl_options,[{cacertfile,”/etc/rabbitmq/ssl_cert/testca/cacert.pem},
{certfile,“/etc/rabbitmq/ssl_cert/server/cert.pem”},
{keyfile,“/etc/rabbitmq/ssl_cert/server/key.pem”},
{password,“password”},
{verify,verify_peer},
{versions,['tlsv1.2']},
{如果没有对等证书,则失败}]},
{ssl_握手_超时,5000}
{log_levels,[{autocluster,debug},{connection,info}]}
]},
{内核[
]},
{拉比特大学管理层[
{听众[
{port,15672}
]}
]}
].
%EOF
我甚至将SSL侦听器端口更改为5601,并尝试确保这不是端口冲突。我每次都在这里碰壁。主机名不匹配。我通过在
/etc/hostsSSL\u握手\u超时时间。如果这不起作用,请先尝试启用单向SSL,以确定哪一方出现故障,然后我将尝试。尝试使用wireshark
跟踪TLS握手过程中发生的情况。不幸的是,在处理TLS时,错误消息通常是无用的。有趣的消息将是连接终止之前的消息。另外,您使用的RabbitMQ版本是什么?