[2024-11-25T09:31:58,481][ERROR][logstash.licensechecker.licensereader] Unable to retrieve license information from license server {:message=>"No Available connections"}
Even though the logstash pod is running. I checked for a long time and changed the ES-service name or IP all at once. But the logstash log keeps having above errors.
Please help me. please.
[ec2-user@k8s-master-10-0-7-181 elk]$ more logstash.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: local-storage
provisioner: kubernetes.io/no-provisioner # No dynamic provisioner for local storage
volumeBindingMode: WaitForFirstConsumer # Bind PVC after pod is scheduled
reclaimPolicy: Delete # Retain data when PVC is deleted
---
apiVersion: v1
kind: Service
metadata:
name: logstash
namespace: elk
spec:
clusterIP: None # Headless service for discovery
selector:
app: logstash
ports:
- port: 5044
targetPort: 5044
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: logstash
namespace: elk
spec:
serviceName: "logstash"
replicas: 3 # 3 replicas for high availability
selector:
matchLabels:
app: logstash
template:
metadata:
labels:
app: logstash
spec:
containers:
- name: logstash
image: docker.elastic.co/logstash/logstash:7.17.3
ports:
- containerPort: 5044
command: ["logstash", "-f", "/mnt/sdb/logstash/config/logstash.conf"]
env:
- name: XPACK_MONITORING_ELASTICSEARCH_HOSTS
value: "http://10.96.248.51:9200"
- name: XPACK_MONITORING_ENABLED
value: "false" # Add this line to disable monitoring
volumeMounts:
- name: config-volume
mountPath: /mnt/sdb/logstash/config # Config path
- name: storage
mountPath: /mnt/sdb/logstash/data # Data path
- name: timezone
mountPath: /etc/localtime
readOnly: true
resources:
limits:
cpu: "500m"
memory: "512Mi"
requests:
cpu: "250m"
memory: "256Mi"
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- logstash
topologyKey: "kubernetes.io/hostname" # Schedule pods on different nodes
tolerations:
- key: "node.kubernetes.io/disk-pressure"
operator: "Exists"
effect: "NoSchedule"
volumes:
- name: config-volume
configMap:
name: logstash-config
- name: timezone
hostPath:
path: /etc/localtime
type: File
volumeClaimTemplates:
- metadata:
name: storage
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: "local-storage" # Use local-storage class
resources:
requests:
storage: 3Gi # 3Gi storage per pod
---
apiVersion: v1
kind: ConfigMap
metadata:
name: logstash-config
namespace: elk
data:
logstash.conf: |
input {
beats {
port => 5044
}
}
filter {
if [kubernetes][container][name] == "nginx-ingress-controller" {
json {
source => "message"
target => "ingress_log"
}
if [ingress_log][requesttime] {
mutate { convert => ["[ingress_log][requesttime]", "float"] }
}
if [ingress_log][upstreamtime] {
mutate { convert => ["[ingress_log][upstreamtime]", "float"] }
}
if [ingress_log][status] {
mutate { convert => ["[ingress_log][status]", "float"] }
}
}
}
output {
elasticsearch {
hosts => ["http://10.96.248.51:9200"]
index => "logstash-%{+YYYY.MM.dd}"
}
}
[ec2-user@k8s-master-10-0-7-181 elk]$ more es-deployment.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch
namespace: elk
spec:
serviceName: "elasticsearch-master-headless"
replicas: 3
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
tolerations:
- key: "node.kubernetes.io/disk-pressure"
operator: "Exists"
effect: "NoSchedule"
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchLabels:
app: elasticsearch
topologyKey: "kubernetes.io/hostname"
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-node1-10-0-7-178
- k8s-node2-10-0-7-164
- k8s-master-10-0-7-181
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.3
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
env:
- name: discovery.seed_hosts
value: "elasticsearch-master-headless"
- name: cluster.initial_master_nodes
value: "elasticsearch-0,elasticsearch-1,elasticsearch-2"
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
volumeMounts:
- name: data
mountPath: /mnt/sdb/elasticsearch-data/
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
storageClassName: "elasticsearch-storage"
[ec2-user@k8s-master-10-0-7-181 elk]$ kubectl get svc -n elk
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
elasticsearch-master NodePort ****** <none> 9200:30920/TCP,9300:31738/TCP 14d
elasticsearch-master-headless ClusterIP None <none> 9200/TCP,9300/TCP 14d
kibana NodePort ***** <none> 5601:32620/TCP 14d
logstash ClusterIP None <none> 5044/TCP 17h
[ec2-user@k8s-master-10-0-7-181 elk]$ kubectl get pods -n elk
NAME READY STATUS RESTARTS AGE
elasticsearch-0 1/1 Running 0 143m
elasticsearch-1 1/1 Running 0 143m
elasticsearch-2 1/1 Running 0 143m
filebeat-dgcqg 1/1 Running 6 (4h55m ago) 17h
filebeat-nhjkp 1/1 Running 4 (4h55m ago) 17h
filebeat-rbnrs 1/1 Running 2 (4h55m ago) 17h
kibana-584f599649-m5nrn 1/1 Running 8 (4h55m ago) 11d
logstash-0 1/1 Running 0 20m
logstash-1 1/1 Running 0 20m
logstash-2 1/1 Running 0 20m
leandrojmp
November 25, 2024, 11:38am
3
I do not use kubernetes, but this error means that your logstash pod could not resolve the name elasticsearch to access your elasticsearch cluster.
Are you sure that you access your elasticsearch cluster just using elasticsearch? You need to validate it.