I’m setting up a logstash container to receive and parse syslog messages shipped from a DHCP server. I can verify that these messages are being received on the docker host, but not in the logstash container running on that host. Docker is running in swarm mode with one manager and two workers. The logstash container was deployed as part of a stack. When running as a standalone container the syslog messages get to the container, but when I deploy it to the swarm the syslog messages are no longer reaching the container. The odd thing is that even though this isn’t working when deployed in the swarm, I can log into the DHCP server and using echo and nc I can successfully send messages to the logstash container running in the swarm.
To put it simpler, sending messages from remote host to logstash container doesn’t work when the container is deployed as a service in a swarm (while test messages sent from the same remote host to the same port are received) but everything works as expected when the same image is run as a standalone container.
I’m sure there’s something simple I’m missing here. Any advise is greatly appreciated.