Metricbeat Beat 连接es失败(启用xpack)
Metricbeat Beat failed to connect es (xpack enabled)
头盔版本: "v3.1.1"
helm get release输出
helm 状态 metricbeat
名称:metricbeat
最后部署:2020 年 4 月 30 日星期四 10:05:32
命名空间:默认
状态:已部署
修订:1
错误描述:无法连接到elasticsearch,部署的configmap不包含用户名:和密码输入。
重现步骤:
- 在 elasticsearch 中启用 xpack
- 运行 - helm install metricbeat elastic/metricbeat --set imageTag=7.6.2 --values metrics.yaml
metrics.yaml
daemonset:
extraEnvs:
- name: 'ES_USERNAME'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: 'ES_PASSWORD'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
# Allows you to add any config files in /usr/share/metricbeat
# such as metricbeat.yml for daemonset
metricbeatConfig:
metricbeat.yml: |
metricbeat.modules:
- module: kubernetes
metricsets:
- container
- node
- pod
- system
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10250"]
# bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
# ssl.verification_mode: "none"
# If using Red Hat OpenShift remove ssl.verification_mode entry and
# uncomment these settings:
#ssl.certificate_authorities:
#- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
processors:
- add_kubernetes_metadata: ~
- module: kubernetes
enabled: true
metricsets:
- event
- module: system
period: 10s
metricsets:
- cpu
- load
- memory
- network
- process
- process_summary
processes: ['.*']
process.include_top_n:
by_cpu: 5
by_memory: 5
- module: system
period: 1m
metricsets:
- filesystem
- fsstat
processors:
- drop_event.when.regexp:
system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
output.elasticsearch:
username: '${ES_USERNAME}'
password: '${ES_PASSWORD}'
hosts: ["elasticsearch-master:9200"]
deployment:
extraEnvs:
- name: 'ES_USERNAME'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: ES_PASSWORD'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
# Allows you to add any config files in /usr/share/metricbeat
# such as metricbeat.yml for deployment
metricbeatConfig:
metricbeat.yml: |
metricbeat.modules:
- module: kubernetes
enabled: true
metricsets:
- state_node
- state_deployment
- state_replicaset
- state_pod
- state_container
period: 10s
hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
output.elasticsearch:
username: '${ES_USERNAME}'
password: '${ES_PASSWORD}'
hosts: ["elasticsearch-master:9200"]
metricbeat.yml部署后不包含用户名和密码输入:
metricbeat.modules:
- module: kubernetes
metricsets:
- container
- node
- pod
- system
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10255"]
processors:
- add_kubernetes_metadata:
in_cluster: true
- module: kubernetes
enabled: true
metricsets:
- event
- module: system
period: 10s
metricsets:
- cpu
- load
- memory
- network
- process
- process_summary
processes: ['.*']
process.include_top_n:
by_cpu: 5
by_memory: 5
- module: system
period: 1m
metricsets:
- filesystem
- fsstat
processors:
- drop_event.when.regexp:
system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
output.elasticsearch:
hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
预期行为: 应该使用用户名和密码连接到 es 而不会出现问题。
提供日志and/or 服务器输出(如果相关):
pipeline/output.go:100 Failed to connect to backoff(elasticsearch(http://elasticsearch-master:9200)): 401 Unauthorized: {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}
任何附加上下文:
我能够使用相同的凭据连接弹性搜索,并且它也适用于 Kibana 登录。
我是 Elastic Helm charts 的维护者。
由于最近的重构,Git 存储库 master 分支上记录的值 daemonset.xxx 和 deployment.xxx 与当前发布的图表版本不兼容。
如果你想安装当前发布的版本(7.6.2), you can find the values to use on the README from 7.6.2 release.
如果你想部署应该很快发布的下一个版本并且将使用 daemonset.xxx 和 deployment.xxx 值,你可以克隆 repo 并使用 installation instructions from 7.7 branch.
PS:如评论中所述,请注意Elastic charts尚不支持Helm v3,我们仍然建议使用Helm v2。
头盔版本: "v3.1.1"
helm get release输出
helm 状态 metricbeat 名称:metricbeat 最后部署:2020 年 4 月 30 日星期四 10:05:32 命名空间:默认 状态:已部署 修订:1
错误描述:无法连接到elasticsearch,部署的configmap不包含用户名:和密码输入。
重现步骤:
- 在 elasticsearch 中启用 xpack
- 运行 - helm install metricbeat elastic/metricbeat --set imageTag=7.6.2 --values metrics.yaml
metrics.yaml
daemonset:
extraEnvs:
- name: 'ES_USERNAME'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: 'ES_PASSWORD'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
# Allows you to add any config files in /usr/share/metricbeat
# such as metricbeat.yml for daemonset
metricbeatConfig:
metricbeat.yml: |
metricbeat.modules:
- module: kubernetes
metricsets:
- container
- node
- pod
- system
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10250"]
# bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
# ssl.verification_mode: "none"
# If using Red Hat OpenShift remove ssl.verification_mode entry and
# uncomment these settings:
#ssl.certificate_authorities:
#- /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
processors:
- add_kubernetes_metadata: ~
- module: kubernetes
enabled: true
metricsets:
- event
- module: system
period: 10s
metricsets:
- cpu
- load
- memory
- network
- process
- process_summary
processes: ['.*']
process.include_top_n:
by_cpu: 5
by_memory: 5
- module: system
period: 1m
metricsets:
- filesystem
- fsstat
processors:
- drop_event.when.regexp:
system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
output.elasticsearch:
username: '${ES_USERNAME}'
password: '${ES_PASSWORD}'
hosts: ["elasticsearch-master:9200"]
deployment:
extraEnvs:
- name: 'ES_USERNAME'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: username
- name: ES_PASSWORD'
valueFrom:
secretKeyRef:
name: elastic-credentials
key: password
# Allows you to add any config files in /usr/share/metricbeat
# such as metricbeat.yml for deployment
metricbeatConfig:
metricbeat.yml: |
metricbeat.modules:
- module: kubernetes
enabled: true
metricsets:
- state_node
- state_deployment
- state_replicaset
- state_pod
- state_container
period: 10s
hosts: ["${KUBE_STATE_METRICS_HOSTS}"]
output.elasticsearch:
username: '${ES_USERNAME}'
password: '${ES_PASSWORD}'
hosts: ["elasticsearch-master:9200"]
metricbeat.yml部署后不包含用户名和密码输入:
metricbeat.modules:
- module: kubernetes
metricsets:
- container
- node
- pod
- system
- volume
period: 10s
host: "${NODE_NAME}"
hosts: ["${NODE_NAME}:10255"]
processors:
- add_kubernetes_metadata:
in_cluster: true
- module: kubernetes
enabled: true
metricsets:
- event
- module: system
period: 10s
metricsets:
- cpu
- load
- memory
- network
- process
- process_summary
processes: ['.*']
process.include_top_n:
by_cpu: 5
by_memory: 5
- module: system
period: 1m
metricsets:
- filesystem
- fsstat
processors:
- drop_event.when.regexp:
system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib)($|/)'
output.elasticsearch:
hosts: '${ELASTICSEARCH_HOSTS:elasticsearch-master:9200}'
预期行为: 应该使用用户名和密码连接到 es 而不会出现问题。
提供日志and/or 服务器输出(如果相关):
pipeline/output.go:100 Failed to connect to backoff(elasticsearch(http://elasticsearch-master:9200)): 401 Unauthorized: {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}
任何附加上下文:
我能够使用相同的凭据连接弹性搜索,并且它也适用于 Kibana 登录。
我是 Elastic Helm charts 的维护者。
由于最近的重构,Git 存储库 master 分支上记录的值 daemonset.xxx 和 deployment.xxx 与当前发布的图表版本不兼容。
如果你想安装当前发布的版本(7.6.2), you can find the values to use on the README from 7.6.2 release.
如果你想部署应该很快发布的下一个版本并且将使用 daemonset.xxx 和 deployment.xxx 值,你可以克隆 repo 并使用 installation instructions from 7.7 branch.
PS:如评论中所述,请注意Elastic charts尚不支持Helm v3,我们仍然建议使用Helm v2。