Edgio
Failed to produce message to topic : dial tcp 127.0.0.1:9092
I'm trying to run vFlow in docker environment so I have confluent being set up and it works properly, but when I run vFlow it seems like it doesn't take into account configuration regarding kafka broker.
I run vFlow container as follows:
docker run -d -v /opt/vflow/vflow.conf:/etc/vflow/vflow.conf -v /opt/vflow/mq.conf:/etc/vflow/mq.conf -p 5102:5102/udp -p 18081:8081 -e VFLOW_KAFKA_BROKERS="172.19.0.3:9092" --network=confluent_network mehrdadrad/vflow
my vflow.conf looks like:
netflow9-port: 5102
netflow9-workers: 600
netflow9-topic: vflow-v9
log-file: /var/log/vflow.log
Additionally (it shouldn't be necessary, but just to be sure) I map mq.conf file with the same broker address:
brokers:
- 172.19.0.3:9092
retry-max: 1
retry-backoff: 30
But when actual netflow traffic is coming I see bunch of messages 'Failed to produce message to topic' in /var/log/vflow.log, they look like:
[vflow] 2019/05/09 06:18:08 kafka: Failed to produce message to topic vflow-v9: dial tcp 127.0.0.1:9092: getsockopt: connection refused
[vflow] 2019/05/09 06:18:08 kafka: Failed to produce message to topic vflow-v9: dial tcp 127.0.0.1:9092: getsockopt: connection refused
[vflow] 2019/05/09 06:18:08 kafka: Failed to produce message to topic vflow-v9: dial tcp 127.0.0.1:9092: getsockopt: connection refused
I'm a bit confused since I've specified different broker IP:port in ENV variables and config file, and at the beginning of log file it seems like this values are taken into consideration:
[vflow] 2019/05/09 06:16:41 start producer: Kafka, brokers: [172.19.0.3:9092], topic: vflow.sflow
[vflow] 2019/05/09 06:16:41 start producer: Kafka, brokers: [172.19.0.3:9092], topic: vflow.ipfix
[vflow] 2019/05/09 06:16:41 start producer: Kafka, brokers: [172.19.0.3:9092], topic: vflow-v9
btw, Kafka broker is definitely accessible from vFlow container, tried it via telnet inside vFlow container: apt update && apt install -y telnet && telnet 172.19.0.3 9092 connects successfully.
Could you please help?
@z3rohour I'm also trying to make it work in docker environment. I've got Kafka running in docker container (docker run -d -p 2181:2181 -p 9092:9092 --env ADVERTISED_HOST=kafka --env ADVERTISED_PORT=9092 --name kafka -h kafka spotify/kafka). I've got Vflow running in docker (docker run -d -p 4739:4739 -p 6343:6343 -p 8081:8081 -e VFLOW_KAFKA_BROKERS="172.17.0.2:9092" -v /tmp/vflow/etc:/etc/vflow:ro -v /tmp/vflow/log:/var/log/vflow:rw --name vflow -i mehrdadrad/vflow). How are you sending network traffic to Vflow, can you please let me know?
@a759116 i'm using nginx as loadbalancer on my physical host that sends UDP datagrams to localhost:5102. I was able to figure out what's wrong with my setup - I'm using confluent as kafka broker and for whatever reason it doesn't accept messages from another docker container in the same overlay network. I managed to run vFlow on my physical machine instead and it seems to be working
@z3rohour can you please share your nginx configuration(nginx.conf file)? For me, the nginx server (docker container) is not able to connect to my vflow server (docker container). Here is the extract from nginx server log
When I use the IP address of vflow docker container (172.17.0.3)
bash-3.2$ docker logs nginx 172.17.0.1 - - [24/May/2019:13:17:54 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.64.0" "-" 2019/05/24 13:40:44 [error] 349#349: *2 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.17.0.3:5102/", host: "localhost" 172.17.0.1 - - [24/May/2019:13:40:44 +0000] "GET / HTTP/1.1" 502 158 "-" "curl/7.64.0"
When I use localhost
2019/05/24 13:57:56 [error] 361#361: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:5102/", host: "localhost" 2019/05/24 13:57:56 [error] 361#361: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:5102/", host: "localhost" 172.17.0.1 - - [24/May/2019:13:57:56 +0000] "GET / HTTP/1.1" 502 158 "-" "curl/7.64.0"
Here is my inginx.conf file
http { sendfile on;
upstream vflow {
server localhost:5102;
}
server {
listen 80;
location / {
proxy_pass http://vflow;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Can you please suggest if I'm missing something or doing wrong.
Hello,
I’m away from my laptop for the next couple of days but it seems like you have nginx configured to act as HTTP proxy which doesn’t work for UDP netflow traffic. Here you can find an example of nginx configuration to balance UDP traffic - https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/#upstream
I can share my config next week if something is unclear
Cheers, Eugene
Sent from my iPhone
On 24 May 2019, at 17:19, Rudra N Panda [email protected] wrote:
@z3rohour can you please share your nginx configuration(nginx.conf file)? For me, the nginx server (docker container) is not able to connect to my vflow server (docker container). Here is the extract from nginx server log
When I use the IP address of vflow docker container (172.17.0.3)
bash-3.2$ docker logs nginx 172.17.0.1 - - [24/May/2019:13:17:54 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.64.0" "-" 2019/05/24 13:40:44 [error] 349#349: *2 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.17.0.3:5102/", host: "localhost" 172.17.0.1 - - [24/May/2019:13:40:44 +0000] "GET / HTTP/1.1" 502 158 "-" "curl/7.64.0"
When I use localhost
2019/05/24 13:57:56 [error] 361#361: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:5102/", host: "localhost" 2019/05/24 13:57:56 [error] 361#361: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:5102/", host: "localhost" 172.17.0.1 - - [24/May/2019:13:57:56 +0000] "GET / HTTP/1.1" 502 158 "-" "curl/7.64.0"
Here is my inginx.conf file
http { sendfile on;
upstream vflow { server localhost:5102; } server { listen 80; location / { proxy_pass http://vflow; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; } }}
Can you please suggest if I'm missing something or doing wrong.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.
@z3rohour Thanks for your quick response. I will take a look at the article and figure it out. In the mean time, I used netcat to generate UDP packets. However, vflow is not able to read the data. Here is the message "[vflow] 2019/05/24 14:52:19 can not read the data". This is what I did to generate the data
bash-3.2$ nc -vnzu 127.0.0.1 5102 found 0 associations found 1 connections: 1: flags=82<CONNECTED,PREFERRED> outif (null) src 127.0.0.1 port 50939 dst 127.0.0.1 port 5102 rank info not available
Connection to 127.0.0.1 port 5102 [udp/*] succeeded!
Any thoughts or ideas?