Hello everyone,
I was trying to implement ELK stack using docker to collect logs from the machines which are in different network, would say that my docker Engine is in a private Network A and my hosts are in another private Network B. I have installed beats on my nodes and was trying to verify the ELK server configured in docker container in Network A. But I was not succeeded in verifying the ELK from beats hosts.
What I did?
On Network A:
Used sebp/elk image to start a ELK container
Did port forwarding for port 5601, 9200, 5044
Verified if kibana is loading in web and it was success
Generated SSL cert in the ELK container with the public IP of the host where docker was
installed.
copied this SSL cert on to the beats host /etc/pki/tls/certs/
On Network B:
Installed beats in the machine (Not a container)
configured filebeat.yml with the public IP of the Docker host with the port (Say x.x.x.x:8001)
and added ssl cert path
Restarted logstash in Network A and filebeat in Network B and received the following error
Error1 (when generated a cert with public IP of docker host)
.514762 transport.go:125: ERR SSL client failed to connect with: x509: cannot validate certificate for <public_ip of container’s host> because it doesn’t contain any IP SANs.
Error2 when run debug mode: (when generated a cert with private ip of the docker container and given the public IP of the docker host in filebeat.yml file)
2018/06/28 11:57:29.342793 single.go:126: INFO Connecting error publishing events (retrying): Head http://<ELK_HOST_PUBLIC_IP>:8003: read tcp <beat_host_private_ip>:49055-><ELK_HOST_PUBLIC_IP>:8003: read: connection reset by peer
2018/06/28 11:56:56.941473 client.go:302: DBG Ping request failed with: Head http://<ELK_HOST_PUBLIC_IP>:8003: read tcp <beat_host_private_ip>:49053-><ELK_HOST_PUBLIC_IP>:8003: read: connection reset by peer
Could any one please help me with fixing the issue that how can I make a successful verification of the ELK by beats host in a different network