0

我正在尝试将Packetbeat部署为DaemonSetKubernetes 集群。但是 KubernetesCrashLoopBackOff在运行 Packetbeat 时出错。我检查了 Packetbeat 的 pod 日志。以下是日志。

2020-08-23T14:28:00.054Z        INFO    instance/beat.go:475    Beat UUID: 69d32e5f-c8f2-41bf-9242-48435688c540
2020-08-23T14:28:00.054Z        INFO    instance/beat.go:213    Setup Beat: packetbeat; Version: 6.2.4
2020-08-23T14:28:00.061Z        INFO    add_cloud_metadata/add_cloud_metadata.go:301    add_cloud_metadata: hosting provider type detected as ec2, metadata={"availability_zone":"us-east-1f","instance_id":"i-05b8121af85c94236","machine_type":"t2.medium","provider":"ec2","region":"us-east-1"}
2020-08-23T14:28:00.061Z        INFO    kubernetes/watcher.go:77        kubernetes: Performing a pod sync
2020-08-23T14:28:00.074Z        INFO    kubernetes/watcher.go:108       kubernetes: Pod sync done
2020-08-23T14:28:00.074Z        INFO    elasticsearch/client.go:145     Elasticsearch url: http://elasticsearch:9200
2020-08-23T14:28:00.074Z        INFO    kubernetes/watcher.go:140       kubernetes: Watching API for pod events
2020-08-23T14:28:00.074Z        INFO    pipeline/module.go:76   Beat name: ip-172-31-72-117
2020-08-23T14:28:00.075Z        INFO    procs/procs.go:78       Process matching disabled
2020-08-23T14:28:00.076Z        INFO    [monitoring]    log/log.go:97   Starting metrics logging every 30s
2020-08-23T14:28:00.076Z        INFO    elasticsearch/client.go:145     Elasticsearch url: http://elasticsearch:9200
2020-08-23T14:28:00.083Z        WARN    transport/tcp.go:36     DNS lookup failure "elasticsearch": lookup elasticsearch on 172.31.0.2:53: no such host
2020-08-23T14:28:00.083Z        ERROR   elasticsearch/elasticsearch.go:165      Error connecting to Elasticsearch at http://elasticsearch:9200: Get http://elasticsearch:9200: lookup elasticsearch on 172.31.0.2:53: no such host
2020-08-23T14:28:00.085Z        INFO    [monitoring]    log/log.go:132  Total non-zero metrics  {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":20,"time":28},"total":{"ticks":160,"time":176,"value":160},"user":{"ticks":140,"time":148}},"info":{"ephemeral_id":"70e07383-3aae-4bc1-a6e1-540a6cfa8ad8","uptime":{"ms":35}},"memstats":{"gc_next":26511344,"memory_alloc":21723000,"memory_total":23319008,"rss":51834880}},"libbeat":{"config":{"module":{"running":0}},"output":{"type":"elasticsearch"},"pipeline":{"clients":5,"events":{"active":0}}},"system":{"cpu":{"cores":2},"load":{"1":0.11,"15":0.1,"5":0.14,"norm":{"1":0.055,"15":0.05,"5":0.07}}}}}}
2020-08-23T14:28:00.085Z        INFO    [monitoring]    log/log.go:133  Uptime: 37.596889ms
2020-08-23T14:28:00.085Z        INFO    [monitoring]    log/log.go:110  Stopping metrics logging.
2020-08-23T14:28:00.085Z        ERROR   instance/beat.go:667    Exiting: Error importing Kibana dashboards: fail to create the Elasticsearch loader: Error creating Elasticsearch client: Couldn't connect to any of the configured Elasticsearch hosts. Errors: [Error connection to Elasticsearch http://elasticsearch:9200: Get http://elasticsearch:9200: lookup elasticsearch on 172.31.0.2:53: no such host]
Exiting: Error importing Kibana dashboards: fail to create the Elasticsearch loader: Error creating Elasticsearch client: Couldn't connect to any of the configured Elasticsearch hosts. Errors: [Error connection to Elasticsearch http://elasticsearch:9200: Get http://elasticsearch:9200: lookup elastic search on 172.31.0.2:53: no such host]

这是 Packetbeat.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: packetbeat-dynamic-config
  namespace: kube-system
  labels:
    k8s-app: packetbeat-dynamic
    kubernetes.io/cluster-service: "true"
data:
  packetbeat.yml: |-
    setup.dashboards.enabled: true
    setup.template.enabled: true
    setup.template.settings:
      index.number_of_shards: 2
    packetbeat.interfaces.device: any
    packetbeat.protocols:
    - type: dns
      ports: [53]
      include_authorities: true
      include_additionals: true
    - type: http
      ports: [80, 8000, 8080, 9200]
    - type: mysql
      ports: [3306]
    - type: redis
      ports: [6379]
    packetbeat.flows:
      timeout: 30s
      period: 10s
    processors:
      - add_cloud_metadata:
      - add_kubernetes_metadata:
          host: ${HOSTNAME}
          indexers:
          - ip_port:
          matchers:
          - field_format:
              format: '%{[ip]}:%{[port]}'
    cloud.id: ${ELASTIC_CLOUD_ID}
    cloud.auth: ${ELASTIC_CLOUD_AUTH}
    #setup.kibana.host: kibana:5601

    setup.ilm.overwrite: true
    output.elasticsearch:
      hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
      username: ${ELASTICSEARCH_USERNAME}
      password: ${ELASTICSEARCH_PASSWORD}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: packetbeat-dynamic
  namespace: kube-system
  labels:
    k8s-app: packetbeat-dynamic
    kubernetes.io/cluster-service: "true"
spec:
  selector:
    matchLabels:
      k8s-app: packetbeat-dynamic
      kubernetes.io/cluster-service: "true"
  template:
    metadata:
      labels:
        k8s-app: packetbeat-dynamic
        kubernetes.io/cluster-service: "true"
    spec:
      serviceAccountName: packetbeat-dynamic
      terminationGracePeriodSeconds: 30
      hostNetwork: true
      containers:
      - name: packetbeat-dynamic
        image: docker.elastic.co/beats/packetbeat:6.2.4
        imagePullPolicy: Always
        args: [
          "-c", "/etc/packetbeat.yml",
          "-e",
        ]
        securityContext:
          runAsUser: 0
          capabilities:
            add:
            - NET_ADMIN
        env:
        - name: ELASTICSEARCH_HOST
          value: elasticsearch
        - name: ELASTICSEARCH_PORT
          value: "9200"
        - name: ELASTICSEARCH_USERNAME
          value: elastic
        - name: ELASTICSEARCH_PASSWORD
          value: changeme
        - name: CLOUD_ID
          value:
        - name: ELASTIC_CLOUD_AUTH
          value:
        - name: KIBANA_HOST
          value: kibana
        - name: KIBANA_PORT
          value: "5601"
        volumeMounts:
        - name: config
          mountPath: /etc/packetbeat.yml
          readOnly: true
          subPath: packetbeat.yml
        - name: data
          mountPath: /usr/share/packetbeat/data
      volumes:
      - name: config
        configMap:
          defaultMode: 0600
          name: packetbeat-dynamic-config
      - name: data
        emptyDir: {}
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: packetbeat-dynamic
subjects:
- kind: ServiceAccount
  name: packetbeat-dynamic
  namespace: kube-system
roleRef:
  kind: ClusterRole
  name: packetbeat-dynamic
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: packetbeat-dynamic
  labels:
    k8s-app: packetbeat-dynamic
rules:
- apiGroups: [""] # "" indicates the core API group
  resources:
  - namespaces
  - pods
  verbs:
  - get
  - watch
  - list
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: packetbeat-dynamic
  namespace: kube-system
  labels:
    k8s-app: packetbeat-dynamic

谁能建议我解决这个问题?任何建议的链接也更有帮助。

kubectl 描述 daemonset packetbeat-dynamic -n kube-system

Name:           packetbeat-dynamic
Selector:       k8s-app=packetbeat-dynamic,kubernetes.io/cluster-service=true
Node-Selector:  <none>
Labels:         k8s-app=packetbeat-dynamic
                kubernetes.io/cluster-service=true
Annotations:    deprecated.daemonset.template.generation: 1
Desired Number of Nodes Scheduled: 1
Current Number of Nodes Scheduled: 1
Number of Nodes Scheduled with Up-to-date Pods: 1
Number of Nodes Scheduled with Available Pods: 0
Number of Nodes Misscheduled: 1
Pods Status:  2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
  Labels:           k8s-app=packetbeat-dynamic
                    kubernetes.io/cluster-service=true
  Service Account:  packetbeat-dynamic
  Containers:
   packetbeat-dynamic:
    Image:      docker.elastic.co/beats/packetbeat:6.2.4
    Port:       <none>
    Host Port:  <none>
    Args:
      -c
      /etc/packetbeat.yml
      -e
    Environment:
      ELASTICSEARCH_HOST:      elasticsearch
      ELASTICSEARCH_PORT:      9200
      ELASTICSEARCH_USERNAME:  elastic
      ELASTICSEARCH_PASSWORD:  changeme
      CLOUD_ID:
      ELASTIC_CLOUD_AUTH:
      KIBANA_HOST:             kibana
      KIBANA_PORT:             5601
    Mounts:
      /etc/packetbeat.yml from config (ro,path="packetbeat.yml")
      /usr/share/packetbeat/data from data (rw)
  Volumes:
   config:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      packetbeat-dynamic-config
    Optional:  false
   data:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
Events:         <none>
4

0 回答 0