2

输入网络界面 url 时出现此错误:

 Server currently unavailable
We are experiencing problems connecting to the Graylog server running on http://127.0.0.1:9000/api. Please verify that the server is healthy and working correctly.

You will be automatically redirected to the previous page once we can connect to the server.

Do you need a hand? We can help you.

More details

码头工人-compose.yml:

graylog:
    image: graylog2/server:2.3.0-1
    environment:
      GRAYLOG_PASSWORD_SECRET: xxx
      GRAYLOG_ROOT_PASSWORD_SHA2: xxx
      GRAYLOG_WEB_ENDPOINT_URI: http://example.com/api/
      GRAYLOG_REST_LISTEN_URI:  http://0.0.0.0:9000/api/
      GRAYLOG_WEB_LISTEN_URI: http://0.0.0.0:9000/
      GRAYLOG_ELASTICSEARCH_CLUSTER_NAME: graylog
      GRAYLOG_ELASTICSEARCH_HOSTS: http://graylog-elasticsearch:9200
    depends_on:
      - graylog-elasticsearch
      - mongo
    networks:
      - traefik
      - default
      - graylog
    deploy:
      labels:
        - "traefik.port=9000"
        - "traefik.tags=logging"
        - "traefik.docker.network=infra_traefik"
        - "traefik.backend=graylog"
      restart_policy:
        condition: on-failure
      replicas: 1
      placement:
        constraints:
          - node.labels.name == manager-1

如您所见,一切都应该正常工作。

这是 netstat 显示的内容:

root@6399d2a13c5d:/usr/share/graylog# netstat -tulnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9000            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.11:42255        0.0.0.0:*               LISTEN      -
udp        0      0 127.0.0.11:51199        0.0.0.0:*                           -

这是容器 printenv:

    root@6399d2a13c5d:/usr/share/graylog# printenv
    GRAYLOG_ELASTICSEARCH_CLUSTER_NAME=graylog
    HOSTNAME=6399d2a13c5d
    TERM=xterm
    GRAYLOG_WEB_ENDPOINT_URI=http://example.com/api/
    GRAYLOG_REST_LISTEN_URI=http://0.0.0.0:9000/api/
    GRAYLOG_ROOT_PASSWORD_SHA2=ччч
    CA_CERTIFICATES_JAVA_VERSION=20140324
    GRAYLOG_PASSWORD_SECRET=ччч
    GRAYLOG_REST_TRANSPORT_URI=http://example.com/api/
    PWD=/usr/share/graylog
    JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre
    LANG=C.UTF-8
    JAVA_VERSION=8u72
    SHLVL=1
    HOME=/root
    JAVA_DEBIAN_VERSION=8u72-b15-1~bpo8+1
    GRAYLOG_ELASTICSEARCH_HOSTS=http://graylog-elasticsearch:9200
    GRAYLOG_WEB_LISTEN_URI=http://0.0.0.0:9000/
    GOSU_VERSION=1.7
    GRAYLOG_SERVER_JAVA_OPTS=-Xms1g -Xmx2g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow
    _=/usr/bin/printenv

我认为问题可能在这个 graylog 可能需要的自定义标头中:

RequestHeader set X-Graylog-Server-URL "http://graylog.example.org/api/"
4

2 回答 2

1

对于您给出的实现示例,我假设它example.org是远程主机而不是127.0.0.1. 在这种情况下,您假设需要附加标头是正确的。
根据我的经验,您应该剥离api/最终用户的 Web 访问权限。


您需要设置请求标头X-Graylog-Server-URL。例如curl -H "X-Graylog-Server-URL: http://graylog.example.org/" http://127.0.0.1:9000。如果你想在你的 graylog 服务器前面设置一个 web 服务器,
Graylog web 代理配置会提供一些很好的信息。遗憾的是(在撰写本文时)Docker 示例不包含基本的 nginx 配置

我正在使用 kubernetes,必须将以下内容添加到我的入口注释中才能正确获取流量

ingress:
  annotations:
    nginx.ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header X-Graylog-Server-URL https://$server_name/;
于 2018-08-07T08:38:03.237 回答
-1

我认为你应该只使用

GRAYLOG_WEB_ENDPOINT_URI=http://<your-host-ip>/api/

没有休息 URI 设置。

于 2017-09-29T08:15:20.250 回答