search

Graylog2 / docker-compose

A set of Docker Compose files that allow you to quickly spin up a Graylog instance for testing or demo purposes.
Apache License 2.0
415 stars 141 forks source link

Datanode fails to configure CA #71

Closed MotWakorb closed 3 months ago

MotWakorb commented 3 months ago

When attempting to deploy the open-core edition of Graylog from repo, the following happens:

I am able to get initial admin password and begin configuration. The datanode is found by the CA configuration tool. Once I go through the stops to provision certificates for the data nodes, the following happens:

2024-07-30T19:43:01.668Z WARN  [OpensearchProcessImpl] Opensearch process failed
org.apache.commons.exec.ExecuteException: Process exited with an error: 78 (Exit value: 78)
    at org.apache.commons.exec.DefaultExecutor.executeInternal(DefaultExecutor.java:355) ~[commons-exec-1.4.0.jar:1.4.0]
    at org.apache.commons.exec.DefaultExecutor.lambda$execute$0(DefaultExecutor.java:269) ~[commons-exec-1.4.0.jar:1.4.0]
    at java.base/java.lang.Thread.run(Unknown Source) [?:?]
2024-07-30T19:43:01.669Z WARN  [ProcessWatchdog] Process watchdog terminated after too many restart attempts
2024-07-30T19:43:01.670Z INFO  [ClusterNodeStateTracer] Updating cluster node 4fc9d834-875f-4c4f-a9cb-659aa8791e35 from UNAVAILABLE to UNAVAILABLE (reason: PROCESS_TERMINATED)

I'm admittedly struggling to debug this issue as it causes the datanode to fail and the initial setup goes back and notes "Failed to connect to datanode" afterward and never completes. Full log attached. graylog-datanode-1_logs.txt

todvora commented 3 months ago

Hello @MotWakorb, Thank you for your bug report. The actual issue is a bit different. From your logs:

java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
at org.opensearch.bootstrap.SystemCallFilter.linuxImpl(SystemCallFilter.java:375) ~[opensearch-2.12.0.jar:2.12.0]

followed by 

[OpensearchProcessImpl] [2024-07-30T18:55:59,785][INFO ][o.o.b.BootstrapChecks    ] [datanode] bound or publishing to a non-loopback address, enforcing bootstrap checks
2024-07-30T18:55:59.797Z WARN  [OpensearchProcessImpl] ERROR: [1] bootstrap checks failed
2024-07-30T18:55:59.798Z WARN  [OpensearchProcessImpl] [1]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk

Your kernel doesn't have the seccomp module installed, which blocks the startup of the opensearch inside the datanode.

You can try to fix that and install/enable the module in your system. Or, at your own risk, disable this bootstrap check by setting an env property opensearch.bootstrap.system_call_filter to false. This should bypass the check and allow you to start the datanode.

MotWakorb commented 3 months ago

That did it - thank you. I was missing that line and apologize for wasting your time!

todvora commented 3 months ago

No problem, I am glad I could help!