Hello,
I have a problem with podman-compose. I have running ELK stack and communication between apps is working but I cant figure out why I cant connect from another host to logstash input.
Can you please tell me which network_mode are you using in podman for logstash?
I was using network mode host in docker, but now I switched to podman but my application servers cannt connect to logstash. In podman there is no network host and I use bridge.
I made dump and I can see that app machine wants to send logs to logstash but docker cannt respond.
10.12.1.30.46524 > 10.12.10.70.6379: Flags [S], cksum 0x9d05 (correct), seq 1371328963, win 29200, options [mss 1380,sackOK,TS val 1148183335 ecr 0,nop,wscale 7], length 0
11:19:42.600654 IP (tos 0x0, ttl 63, id 41139, offset 0, flags [DF], proto TCP (6), length 60)
10.12.1.30.46524 > 10.12.10.70.6379: Flags [S], cksum 0x991c (correct), seq 1371328963, win 29200, options [mss 1380,sackOK,TS val 1148184336 ecr 0,nop,wscale 7], length 0
11:19:44.604616 IP (tos 0x0, ttl 63, id 41140, offset 0, flags [DF], proto TCP (6), length 60)
10.12.1.30.46524 > 10.12.10.70.6379: Flags [S], cksum 0x9148 (correct), seq 1371328963, win 29200, options [mss 1380,sackOK,TS val 1148186340 ecr 0,nop,wscale 7], length 0
From my config I think this is important:
services:
elk-logstash:
image: logstash:8.4.0
ports:
- "6379:6379"
- "5044:5044"
- "9600:9600"
logging:
driver: journald
options:
tag: "{{.Name}}"
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => "6379"
ssl_enable => "true"
ssl_cert => "***"
ssl_key => "***"
ssl_key_passphrase => "***"
ssl_verify => "false"
ssl_cipher_suites => ['TLS_AES_256_GCM_SHA384', 'TLS_AES_128_GCM_SHA256', 'TLS_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256']
ssl_supported_protocols => ['TLSv1.2', 'TLSv1.3']
codec => "json_lines"
tags => "ssl_TCPinput"
}
}