我的Docker集群中有2个堆栈。一个是麋鹿(弹性搜索,Kibbana和Logstash),另一个是我的Web应用程序。
出于某些原因,我不想为麋鹿和应用程序服务使用相同的堆栈。
我想使用syslog将我的Web应用访问日志发送到Logstash。我使用ping命令测试了麋鹿堆栈,以验证其工作正常。然后,在我的应用程序中设置日志记录驱动程序,并创建过多的网络,甚至使用外部链接。但是似乎没有任何作用,并且由于记录了驱动程序服务发现,我的应用程序服务也没有启动。
starting container failed: failed to initialize logging driver: dial tcp: lookup logstash on 10.131.57.151:53
这是我的麋鹿堆栈撰写文件:
version: "3.3"
services:
elasticsearch:
command: elasticsearch -Enetwork.host=0.0.0.0 -Ediscovery.zen.ping.unicast.hosts=elasticsearch
environment:
ES_JAVA_OPTS: -Xms2g -Xmx2g
image: registry:8019/elasticsearch
ulimits:
memlock: -1
nofile:
hard: 65536
soft: 65536
nproc: 65538
volumes:
- es_data:/usr/share/elasticsearch/data
networks:
- elk
deploy:
mode: replicated
replicas: 1
endpoint_mode: dnsrr
placement:
constraints: [node.role == manager, node.hostname == mainhost]
kibana:
image: registry:8019/kibana
ports:
- "5601:5601"
environment:
ELASTICSEARCH_URL: http://elasticsearch:9200
networks:
- elk
deploy:
mode: replicated
replicas: 1
healthcheck:
test: wget -qO- http://localhost:5601 > /dev/null
interval: 30s
retries: 3
logstash:
hostname: logstash
command: sh -c "logstash -e 'input { syslog { type => syslog port => 10514 } gelf { } } output { stdout { codec => rubydebug } elasticsearch { hosts => [ \"elasticsearch\" ] } }'"
image: registry:8019/logstash
ports:
- "10514:10514/tcp"
- "10514:10514/udp"
- "12201:12201/udp"
networks:
- elk
- logging
deploy:
mode: replicated
replicas: 2
networks:
elk:
driver: overlay
logging:
external:
name: logging
volumes:
es_data:
和应用程序:
version: "3.3"
services:
gateway:
image: registry:8019/dpos/gateway
configs:
-
source: Gateway
target: /usr/src/app/application/environ.py
ports:
- "3031:3031"
networks:
- logging
external_links:
- logstash.elk:logstash
logging:
driver: syslog
options:
syslog-address: "tcp://logstash:10514"
deploy:
mode: replicated
replicas: 1
configs:
Gateway:
external: true
networks:
logging:
external:
name: logging