Linux基础
1 前言
一个问题,一篇文章,一出故事。
笔者集群运行logstash发现它希望在514端口倾听,但是被系统拒绝,详细日志如下,
可见如下提示,
Jul 10 15:32:30 azlogstash logstash[1632]: [2024-07-10T15:32:30,530][WARN ][logstash.inputs.syslog ][main][53ccb7566edb907197e8cdc4242bda697ad0a69bffa35323568b0b3a910539df] syslog listener died {:protocol=>:tcp, :address=>"0.0.0.0:514", :exception=>#, :backtrace=>["org/jruby/ext/socket/RubyTCPServer.java:123:in `initialize'", "org/jruby/RubyClass.java:949:in `new'", "org/jruby/RubyIO.java:888:in `new'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:208:in `tcp_listener'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:172:in `server'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:156:in `block in run'"]} Jul 10 15:32:30 azlogstash logstash[1632]: [2024-07-10T15:32:30,531][WARN ][logstash.inputs.syslog ][main][53ccb7566edb907197e8cdc4242bda697ad0a69bffa35323568b0b3a910539df] syslog listener died {:protocol=>:udp, :address=>"0.0.0.0:514", :exception=>#, :backtrace=>["org/jruby/ext/socket/RubyUDPSocket.java:167:in `bind'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:191:in `udp_listener'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:172:in `server'", "/usr/share/logstash/vendor/bundle/jruby/3.1.0/gems/logstash-input-syslog-3.7.0/lib/logstash/inputs/syslog.rb:152:in `block in run'"]}
因此,本章将总结解决此问题的方案。
2 最佳实践
2.1 查看当前的系统配置
sysctl net.ipv4.ip_unprivileged_port_start
可见如下提示,
net.ipv4.ip_unprivileged_port_start = 1024
2.2 修改系统设置
echo "net.ipv4.ip_unprivileged_port_start = 514" >> /etc/sysctl.d/99-sysctl.conf sysctl -p
没有评论