弹性搜索+ LogStash无法连接

时间:2017-03-04 16:18:07

标签: elasticsearch logstash docker-compose

我正在尝试使用docker容器创建Elastic搜索安装。 我只使用elastic.io提供商的图片。

启动logstash实例时遇到错误。

以下是我的配置:

搬运工-compose.yml 

version: '2'
services:
  elasticsearch1:
    image: docker.elastic.co/elasticsearch/elasticsearch:5.2.2
    container_name: elasticsearch1
    environment:
      - cluster.name=docker-cluster
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    mem_limit: 1g
    cap_add:
      - IPC_LOCK
    volumes:
      - esdata1:/usr/share/elasticsearch/data
    networks:
      - esnet
  elasticsearch2:
    image: docker.elastic.co/elasticsearch/elasticsearch:5.2.2
    container_name: elasticsearch2
    environment:
      - cluster.name=docker-cluster
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - "discovery.zen.ping.unicast.hosts=elasticsearch1"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    mem_limit: 1g
    cap_add:
      - IPC_LOCK
    volumes:
      - esdata2:/usr/share/elasticsearch/data
    networks:
      - esnet

  logstash:
    image: docker.elastic.co/logstash/logstash:5.2.2
    container_name: logstash
    mem_limit: 1g
    links: 
      - elasticsearch1:elasticsearch
    volumes: 
      - ./logstash.yml:/usr/share/logstash/config/logstash.yml

volumes:
  esdata1:
    driver: local
  esdata2:
    driver: local

networks:
  esnet:
    driver: bridge

现在我的logstash.yml 

node: 
  name: 'default logstash'
http: 
  host: elasticsearch
pipeline:
  workers: 1
  batch:
    size: 12
    delay: 5
log: 
  level: 'debug'

我不知道,但logstash告诉我他无法使用此错误消息连接到ElasticSearch实例:

...
[DEBUG][logstash.runner] *http.host: "elasticsearch" (default: "127.0.0.1")
...
[DEBUG][logstash.outputs.elasticsearch] config LogStash::Ouputs::ElasticSearch/@hosts = [http://localhost:9200]
[INFO][logstash.ouputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>:removed>[], :added=>[logstash_system:xxxxx@localhost:9200/_xpack/monitoring/?system_id=logstash&system_api_version=2&interval=1s]}}

有人可以告诉我为什么logstash正在使用一个糟糕的主机事件,如果他真的得到我的设置?

谢谢。

此致

1 个答案:

答案 0 :(得分:0)

我通过logstash.conf文件替换我的logstash.yml找到了一个解决方案:


    input {
      stdin { }
      beats {
        port => 5044
      }
    }

    output {
      elasticsearch {
        hosts    => [ 'elasticsearch' ]
        user     => 'elastic'
        password => 'changeme'
      }
    }

最后,我更改了docker-compose文件以链接此conf文件:


    volumes: 
      - ./logstash-pipeline/:/usr/share/logstash/pipeline/
相关问题
最新问题