I'm trying to run Logstash in docker with Elasticsearch as output, however there are some warnings and errors like:
- elasticsearch:9200 failed to respond
- Unable to retrieve license information from license server {:message=>"No Available connections"}
My actions:
- Elasticsearch:
docker pull docker.elastic.co/elasticsearch/elasticsearch:8.6.0
docker run --name elasticsearch --net elastic -p 9200:9200 -it docker.elastic.co/elasticsearch/elasticsearch:8.6.0
Then I'm copying the http_ca.crt
docker cp es01:/usr/share/elasticsearch/config/certs/http_ca.crt .
Elasticsearch is working.
- Kibana:
docker pull docker.elastic.co/kibana/kibana:8.6.0
docker run --name kib-01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:8.6.0
Kibana is working as well.
- Logstash:
Using this Dockerfile to create and image (logstash.conf and http_ca.crt are in the same dir as the Dockerfile):
FROM docker.elastic.co/logstash/logstash:8.6.0
RUN rm -f /usr/share/logstash/pipeline/logstash.conf
COPY logstash.conf /usr/share/logstash/pipeline/
COPY http_ca.crt /usr/share/logstash/pipeline/
CMD bin/logstash -f /usr/share/logstash/pipeline/logstash.conf
logstash.conf file looks like:
input {
http {
port => 8082
}
}
filter {
grok {
match => {"message" => "%{NUMBER:custom_number}%{SPACE}%{WORD:custom_text}%{SPACE}%{GREEDYDATA:custom_rest}"}
}
}
output {
elasticsearch {
hosts => ["elasticsearch:9200"]
user => "elastic"
password => "my-password"
cacert => "/usr/share/logstash/pipeline/http_ca.crt"
}
}
- Then I'm building and starting Logstash in the same network:
docker build -t img-logstash .
docker run --net elastic img-logstash
What am I doing wrong?