At work we use Rancher2 clusters a lot. The UI makes some things easier I have to admit. Like sending logs from the cluster somewhere. I wanted to test sending such logs to an ElasticSearch and thus I setup a test installation with docker-compose:
version: "3.4"
services:
elasticsearch:
restart: always
image: elasticsearch:7.5.1
container_name: elasticsearch
ports:
- "9200:9200"
environment:
- ES_JAVA_OPTS=-Xmx16g
- cluster.name=lala-cluster
- bootstrap.memory_lock=true
- discovery.type=single-node
- node.name=lala-node
- http.port=9200
- xpack.security.enabled=true
- xpack.monitoring.collection.enabled=true
volumes:
# ensure chown 1000:1000 /opt/elasticsearch/data please.
- /opt/elasticsearch/data:/usr/share/elasticsearch/data
kibana:
restart: always
image: kibana:7.5.1
ports:
- "5601:5601"
container_name: kibana
depends_on:
- elasticsearch
volumes:
- /etc/docker/compose/kibana.yml:/usr/share/kibana/config/kibana.yml
Yes, this is a yellow cluster, but then again, it is a test cluster on a single machine.
This seemed to work for some days, and the it stopped. tcpdump showed packets arriving at the machine, but not really responding back after the three way handshake. So the old mantra kicked in:
It is a MTU problem.
Editing daemon.json to accommodate for that assumption:
{
"mtu": 1400
}
and logging was back to normal.
I really hate fixes like this, but sometimes when pressed by other priorities they present a handy arsenal.
Managing organized complexity 