Logstash 和 Kibana 在 Docker 中看不到 Elasticsearch 容器

Question

我在这里使用 repo：https://github.com/deviantony/docker-elk

CentOS 8

ELK 版本 7.4.0

docker-compose 版本 1.24.1

Docker 版本 18.06.3-ce

当我启动容器时，Elasticsearch 加载正常。 加载后，Kibana 和 Logstash 容器将启动。但是一旦加载，他们就无法看到 Elasticsearch 容器并产生这些消息：

Logstash：

[2019-10-22T18:32:57,321][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"http://elastic:xxxxxx@elasticsearch:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [http://elastic:xxxxxx@elasticsearch:9200/][Manticore::SocketException] No route to host (Host unreachable)"}

Kibana：

{"type":"log","@timestamp":"2019-10-22T18:41:22Z","tags":["warning","elasticsearch","data"],"pid":6,"message":"Unable to revive connection: http://elasticsearch:9200/"}
{"type":"log","@timestamp":"2019-10-22T18:41:22Z","tags":["warning","elasticsearch","data"],"pid":6,"message":"No living connections"}
{"type":"log","@timestamp":"2019-10-22T18:41:22Z","tags":["license","warning","xpack"],"pid":6,"message":"License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. Error: No Living connections"}
{"type":"log","@timestamp":"2019-10-22T18:41:22Z","tags":["warning","elasticsearch","admin"],"pid":6,"message":"Unable to revive connection: http://elasticsearch:9200/"}
{"type":"log","@timestamp":"2019-10-22T18:41:22Z","tags":["warning","elasticsearch","admin"],"pid":6,"message":"No living connections"}

当我查看 elasticsearch 主机名是什么时，我得到了 Docker 自动生成的主机名。

# docker-compose exec elasticsearch hostname
7d50d6a75028

我的印象是，如果容器在同一个网络下，那么 docker 应该将 elasticsearch:9200 映射到容器的正确 IP 地址？

我尝试在 docker-compose 文件中设置主机名，如下所示：

...

services:
  elasticsearch:
    hostname: elasticsearch

...

并且变化反映在容器中：

# docker-compose exec elasticsearch hostname
elasticsearch

但是 Kibana 和 Logstash 仍然看不到它。

我无法从 Kibana 容器中看到该主机：

# docker-compose exec kibana curl http://elasticsearch:9200
curl: (7) Failed connect to elasticsearch:9200; No route to host

查看 ES 容器中的日志，似乎工作正常：

# docker logs 9ef8

{"type": "server", "timestamp": "2019-10-22T18:50:55,870Z", "level": "INFO", "component": "o.e.c.r.a.AllocationService", "cluster.name": "docker-cluster", "node.name": "elasticsearch", "message": "Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.monitoring-es-7-2019.10.22][0]]]).", "cluster.uuid": "O7t3UC1tSFibbjkwjqbX6A", "node.id": "qbzcFdQpR2KHBad-s8U1Vw"  }

我一定是遗漏了一些东西，但我想不通。 我搜索了这个错误，似乎我设置它的方式应该可以工作。

谁能帮忙？

我的 docker-compose 文件如下所示：

version: '3.7'

services:
  elasticsearch:
    build:
      context: elasticsearch/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - type: bind
        source: ./elasticsearch/config/elasticsearch.yml
        target: /usr/share/elasticsearch/config/elasticsearch.yml
        read_only: true
      - type: volume
        source: elasticsearch
        target: /usr/share/elasticsearch/data
    ports:
      - "9200:9200"
      - "9300:9300"
    environment:
      ES_JAVA_OPTS: "-Xmx256m -Xms256m"
    networks:
      - elk

  logstash:
    build:
      context: logstash/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - type: bind
        source: ./logstash/config/logstash.yml
        target: /usr/share/logstash/config/logstash.yml
        read_only: true
      - type: bind
        source: ./logstash/pipeline
        target: /usr/share/logstash/pipeline
        read_only: true
    ports:
      - "5000:5000"
      - "9600:9600"
    environment:
      LS_JAVA_OPTS: "-Xmx256m -Xms256m"
    networks:
      - elk
    depends_on:
      - elasticsearch

  kibana:
    build:
      context: kibana/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - type: bind
        source: ./kibana/config/kibana.yml
        target: /usr/share/kibana/config/kibana.yml
        read_only: true
    ports:
      - "5601:5601"
    networks:
      - elk
    depends_on:
      - elasticsearch

networks:
  elk:
    driver: bridge

volumes:

Answer 1

我能够让它在 CentOS 7.7 上运行而没有问题。 似乎与 CentOS 8 相关。

Answer 2

即使我在 CENTOS 8 的 docker 中运行 elastic,kibana 时也遇到同样的问题。

看起来有些问题，因为 kibana 无法与 docker 网络中的弹性通信。

kibana 内的 CURL 到弹性 :curl -X GET http://elasticsearch:9200 抛出错误 Failed connect to elasticsearch:9200; No route to host

同样的 docker-compose 文件在 windows docker ， docker 在 ubuntu 等中工作，..

已编辑：

经过一番搜索，我能够想出解决方案。 原因是 centos firewalld 阻止了 docker 容器网络中的 DNS，需要绕过或完全禁用它。 但是，不是完全禁用firewalld，而是能够通过使用here中显示的步骤绕过防火墙中的docker DNS来找到解决方案，在执行这些步骤后，kibana能够与docker内部的Elastic连接..谢谢:)