Graylog on docker not start

Sharzad · March 12, 2019, 2:23pm

config folder look lik:
drwxrwxrwx 2 755 1100 4096 Mar 12 15:12 config
and gralog start with this error:
chown: changing ownership of ‘/usr/share/graylog/data/config’: Operation not permitted
Warning can not change owner to graylog:graylog
http://servername:9000/api says unable to connect and
curl http://servername:9000 says:
Failed to connect to datalog port 9000: Connection refused
The firewall is disabled
netstat -tupln | grep 9000
tcp6 0 0 :::9000 :::* LISTEN -

Sharzad · March 12, 2019, 2:48pm

i change the config file to 1100:1100 and now http://servername:9000
We are experiencing problems connecting to the Graylog server running on http://172.18.0.4:9000/api/. Please verify that the server is healthy and working correctly.

You will be automatically redirected to the previous page once we can connect to the server.

and detail:
Error message
Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.
Original Request
GET http://172.18.0.4:9000/api/
Status code
undefined
Full error message
Error: Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.

i have following error in graylog log
ERROR: org.graylog2.indexer.cluster.Cluster - Couldn’t read cluster health for indices [graylog_*] (Could not connect to http://127.0.0.1:9200)

jan · March 12, 2019, 2:50pm

what is your configuration look like?
what graylog version did you start?

Sharzad · March 12, 2019, 2:55pm

i used the compose file from the graylog.com
graylog is version 3.0 and elastic is 6.6.1

here is compose file

version: '2'
services:
  mongodb:
    image: mongo:3
    volumes:
      - /graylog/data/db:/data/db
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.1
    volumes:
      - /graylog/elasticsearch:/usr/share/elasticsearch/data
    environment:
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    mem_limit: 1g
 
  graylog:
    image: graylog/graylog:3.0
      #graylog/graylog:3.0
    volumes:
      - /graylog/data/journal:/usr/share/graylog/data/journal
      - /graylog/config:/usr/share/graylog/data/config
    environment:
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=415160ff57f6bb5a592ba347d4c992a1a489437180fe4b228d31d72091f76fb3
#      - GRAYLOG_ELASTICSEARCH_HOSTS=http://elasticsearch:9200
      - GRAYLOG_WEB_ENDPOINT_URI=http://"servername:9000/api
#      - GRAYLOG_HTTP_EXTERNAL_URI=http://servername:9000/api
#      - GRAYLOG_HTTP_PUBLISH_URI=http://servername:9000/api
    links:
      - mongodb:mongo
      - elasticsearch
    depends_on:
      - mongodb
      - elasticsearch
    ports:
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 514:514
      # Syslog UDP
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
volumes:
  mongo_data:
    driver: local
  es_data:
    driver: local
  graylog_journal:
    driver: local

jan · March 12, 2019, 3:05pm

please make your posting readable with markup like mentioned in the FAQ

Sharzad · March 12, 2019, 3:15pm

ok sorry:
it’s graylog version 3.0 and elasticsearch version 6.6.1 mongo version 3

Sharzad · March 13, 2019, 11:21am

it’s work now. problem was group id and permission. graylog has 1100 as group and mango 999 and elastic just unix user permission.

Sharzad · March 13, 2019, 12:21pm

i mount mongo volumes like: - /graylog/data/db:/data/db
and /graylog/data/db has: drwxr-xr-x 2 999 root 4096 Mar 13 09:33 db
i can’t see any file in db directories. it’s look like the mount, is not correct.
From docker logs for mango i found the following error:

I NETWORK [initandlisten] waiting for connections on port 27017
2019-03-13T09:52:37.067+0000 I NETWORK [listener] connection accepted from 172.21.0.4:49582 #1 (1 connection now open)
2019-03-13T09:52:37.076+0000 I NETWORK [conn1] received client metadata from 172.21.0.4:49582 conn1: { driver: { name: “mongo-java-driver”, version: “unknown” }, os: { type: “Linux”, name: “Linux”, architecture
2019-03-13T09:52:37.106+0000 I NETWORK [listener] connection accepted from 172.21.0.4:49584 #2 (2 connections now open).

What is wrong?

jan · March 13, 2019, 2:33pm

what is the software mango you are talking about?

Sharzad · March 13, 2019, 3:30pm

I mean mongo. this is just typo.

jan · March 13, 2019, 3:50pm

Guy I fixed your formatting - please do this your own in the future.

You did not read well the documentation, you mixed in settings from Graylog prior to Version 3.0 what will make it fail to run.

Please re-read the docs and correct your docker compose file

system · March 27, 2019, 3:50pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog Errors and Exits When Running Docker Graylog Central (peer support)	5	8839	April 26, 2019
Graylog Docker Failed to connect: Connection refused Graylog Central (peer support)	5	8563	November 27, 2017
The docker installation container failed to start Graylog Central (peer support)	1	103	March 25, 2024
Connection refused issues with graylog Graylog Central (peer support)	3	4063	August 2, 2017
Problems running graylog on google cloud VPS Graylog Central (peer support)	11	4475	August 19, 2017

Graylog on docker not start

Related Topics