Skip to content
This repository has been archived by the owner on Apr 24, 2023. It is now read-only.

How to connect with elastic cloud? #44

Open
xncbf opened this issue Dec 12, 2018 · 4 comments
Open

How to connect with elastic cloud? #44

xncbf opened this issue Dec 12, 2018 · 4 comments

Comments

@xncbf
Copy link

xncbf commented Dec 12, 2018
edited

I organized ek stack by elastic cloud.
But i can't found any field for elastic cloud user and password.
I tried this but i can't get any connections.

  output-elasticsearch.conf: |
    [OUTPUT]
        Name            es
        Match           *
        Host            ${FLUENT_ELASTICSEARCH_HOST}
        Port            ${FLUENT_ELASTICSEARCH_PORT}
        HTTP_User       ${FLUENT_ELASTICSEARCH_USER}
        HTTP_Passwd     ${FLUENT_ELASTICSEARCH_PASSWORD}
        Logstash_Format On
        Retry_Limit     False
@ledroide
Copy link

@xncbf : I have a similar issue. Do you solve yours ?
Here is the fluent bit documentation about elasticsearch output plugin, it looks like you have the right parameters.

Here is my log output from a random fluent-bit 1.3.3 daemonset :

[2019/11/29 12:44:51] [error] [io fd=50] error sending data to: elasticsearch-es-http:9200 (Broken pipe)
[2019/11/29 12:44:51] [error] [src/flb_http_client.c:844 errno=25] Inappropriate ioctl for device
[2019/11/29 12:44:51] [ warn] [out_es] http_do=-1 URI=/_bulk
[2019/11/29 12:46:28] [error] [src/flb_http_client.c:844 errno=32] Broken pipe
[2019/11/29 12:46:28] [ warn] [out_es] http_do=-1 URI=/_bulk
[2019/11/29 12:51:40] [error] [io fd=50] error sending data to: elasticsearch-es-http:9200 (Broken pipe)
[2019/11/29 12:51:40] [error] [src/flb_http_client.c:844 errno=25] Inappropriate ioctl for device
[2019/11/29 12:51:40] [ warn] [out_es] http_do=-1 URI=/_bulk

And my conf :

  output-elasticsearch.conf: |
    [OUTPUT]
        Name            es
        Match           *
        Host            ${FLUENT_ELASTICSEARCH_HOST}
        Port            ${FLUENT_ELASTICSEARCH_PORT}
        Logstash_Format On
        Replace_Dots    On
        Retry_Limit     False
        HTTP_User       ${FLUENT_ELASTICSEARCH_USER}
        HTTP_Passwd     ${FLUENT_ELASTICSEARCH_PASSWORD}

@luislhl
Copy link

luislhl commented Apr 24, 2020
edited

@ledroide , did you find out the solution?

I was having the same problem as you, which I fixed by enabling tls on the output configuration.

  output-elasticsearch.conf: |
    [OUTPUT]
        Name            es
        Match           *
        Host            ${FLUENT_ELASTICSEARCH_HOST}
        Port            ${FLUENT_ELASTICSEARCH_PORT}
        HTTP_User       ${FLUENT_ELASTICSEARCH_USER}
        HTTP_Passwd     ${FLUENT_ELASTICSEARCH_PASSWORD}
        Logstash_Format On
        Replace_Dots    On
        Retry_Limit     False
        tls             On

The errors stopped being logged, by I still couldn't make fluent-bit send anything to my Elasticsearch hosted on Elastic Cloud.

I'm having this output now on fluent-bit containers after adding tls:

Fluent Bit v1.3.11
Copyright (C) Treasure Data

[2020/04/23 18:52:17] [ info] [storage] version=1.0.3, initializing...
[2020/04/23 18:52:17] [ info] [storage] in-memory
[2020/04/23 18:52:17] [ info] [storage] normal synchronization mode, checksum disabled, max_chunks_up=128
[2020/04/23 18:52:17] [ info] [engine] started (pid=1)
[2020/04/23 18:52:17] [ info] [filter_kube] https=1 host=kubernetes.default.svc port=443
[2020/04/23 18:52:17] [ info] [filter_kube] local POD info OK
[2020/04/23 18:52:17] [ info] [filter_kube] testing connectivity with API server...
[2020/04/23 18:52:17] [ info] [filter_kube] API server connectivity OK
[2020/04/23 18:52:17] [ info] [http_server] listen iface=0.0.0.0 tcp_port=2020
[2020/04/23 18:52:17] [ info] [sp] stream processor started

UPDATE

Actually the logs are working for me now.

The only thing left for me was to create the Index Pattern in Kibana, so I could visualize the logs. I created a Index Pattern for logstash-*, and can see the logs now. But I don't why exactly they are being created in that index, since the default is fluentbit.

But I also think @ledroide 's problem is not http, as I said before. I tested and it also worked.

@elpablete
Copy link

Besides using tls On make sure not to include the protocol (https://) part in your FLUENT_ELASTICSEARCH_HOST. At least that was my issue.

@ckgmg
Copy link

ckgmg commented Nov 26, 2021

Change the following to solve the problem

fluent-bit-configmap.yaml

output-elasticsearch.conf: |
[OUTPUT]
Name es
Match *
Host ${FLUENT_ELASTICSEARCH_HOST}
Port ${FLUENT_ELASTICSEARCH_PORT}
HTTP_User ${FLUENT_ELASTICSEARCH_USER}
HTTP_Passwd ${FLUENT_ELASTICSEARCH_PASSWORD}
Logstash_Format On
Logstash_Prefix k8s-fluentbit
Replace_Dots On
Retry_Limit False
tls On
tls.verify Off
Type flb

fluent-bit-ds.yaml
env:
- name: FLUENT_ELASTICSEARCH_HOST
value: "elastic-es-http.logging.svc"
- name: FLUENT_ELASTICSEARCH_PORT
value: "9200"
- name: FLUENT_ELASTICSEARCH_SCHEME
value: "https"
- name: FLUENT_ELASTICSEARCH_USER
value: "elastic"
- name: FLUENT_ELASTICSEARCH_PASSWORD
value: "*****"

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@elpablete @luislhl @xncbf @ledroide @ckgmg