我正在尝试在Docker容器上使用流利的比特设置EFK堆栈。虽然我可以将日志从流利的位推送到Elasticsearch,但是当我尝试集成fluentd时,却遇到了问题。这是确切的错误味精:
意外错误error_class = Errno :: EADDRNOTAVAIL error =“地址不可用-\” fluent-bit \“端口24224”的bind(2)“
docker-compose 文件中的服务
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:${TAG}
ports:
- '9200:9200'
- '9300:9300'
volumes:
- type: bind
source: ./config/elasticsearch.yml
target: /usr/share/elasticsearch/config/elasticsearch.yml
read_only: true
- type: volume
source: elasticsearch
target: /usr/share/elasticsearch/data
networks:
- efk_1
fluentd:
image: fluent/fluentd:${FLBV}
ports:
- '24224:24224'
volumes:
- type: bind
source: ./config/fluent.conf
target: /fluentd/etc/fluent.conf
read_only: true
networks:
- efk_1
depends_on:
- elasticsearch
fluent-bit:
image: fluent/fluent-bit:${FBITV}
ports:
- '2020:2020'
volumes:
- type: bind
source: ./config/fluent-bit.conf
target: /fluent-bit/etc/fluent-bit.conf
read_only: true
- type: bind
source: ./sample_logs
target: /var/log
networks:
- efk_1
depends_on:
- fluentd
以前,我像这样直接将日志从fluent-bit推送到elasticsearch,而无需在任何地方进行fluentd配置:
[SERVICE]
Flush 2
Log_Level debug
[INPUT]
Name tail
Path /var/log/log.txt
[OUTPUT]
Name es
Match *
Host elasticsearch
Port 9200
这成功地将日志推送到了Elasticsearch,但是现在我在两者之间添加了fluentd,因此fluent-bit会将日志发送到fluentd,然后将其推送到elasticsearch。
流利的位配置:
[SERVICE]
Flush 2
Log_Level debug
[INPUT]
Name tail
Path /var/log/log.txt
[OUTPUT]
Name forward
Match *
Host fluentd
流利的会议:
<source>
@type forward
bind fluent-bit
</source>
<match **>
@type stdout
</match>
这给了我错误,因为即使它们属于同一泊坞窗网络,他们也无法检测到地址。
这些是我得到的错误:
fluent-bit_1 | [2019/11/06 10:31:02] [错误] [io] TCP连接失败:fluentd:24224(连接被拒绝)
和
fluentd_1 | 2019-11-06 10:31:02 +0000 [错误]:#0意外错误error_class = Errno :: EADDRNOTAVAIL error =“地址不可用-bind(2)for \” fluent-bit \“ port 24224” >
有人可以帮我知道我在哪里出错吗?