helm / charts

⚠️(OBSOLETE) Curated applications for Kubernetes
Apache License 2.0

Not able to access the Graylog Web Interface #19450

Closed mukeshchouhan closed 4 years ago

mukeshchouhan commented 4 years ago

Describe the bug: Not able to access the Graylog Web Interface

Version of Helm and Kubernetes:

[root@cdc-centos-200 stable]# helm version
Client: &version.Version{SemVer:"v2.15.1", GitCommit:"cf1de4f8ba70eded310918a8af3a96bfe8e7683b", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.15.1", GitCommit:"cf1de4f8ba70eded310918a8af3a96bfe8e7683b", GitTreeState:"clean"}
[root@cdc-centos-200 stable]# kubectl version

Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:11:31Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:02:58Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"linux/amd64"}

ElasticSearch Version: 6.8.1

MongoDB Version: 3.6

Which chart: stable/graylog

What happened: Not able to access the Graylog Web Interface with graylog-web Node Port. It is just getting stuck. http://xxx.xxx.xxx.xxx:32046/

Please find the helm status below -

[root@cdc-centos-200 stable]# helm status graylog
LAST DEPLOYED: Sat Dec  7 18:54:49 2019
NAMESPACE: graylog
STATUS: DEPLOYED

RESOURCES:
==> v1/ConfigMap
NAME     DATA  AGE
graylog  3     8m41s

==> v1/Pod(related)
NAME       READY  STATUS   RESTARTS  AGE
graylog-0  1/1    Running  0         8m41s
graylog-1  1/1    Running  0         7m27s
graylog-2  1/1    Running  0         6m9s
graylog-3  1/1    Running  0         5m
graylog-4  1/1    Running  0         3m55s

==> v1/Secret
NAME     TYPE    DATA  AGE
graylog  Opaque  2     8m41s

==> v1/Service
NAME            TYPE      CLUSTER-IP      EXTERNAL-IP  PORT(S)          AGE
graylog-master  NodePort  10.111.184.214  <none>       9001:30420/TCP   8m41s
graylog-tcp     NodePort  10.104.77.181   <none>       12222:31995/TCP  8m41s
graylog-web     NodePort  10.107.41.92    <none>       9000:32046/TCP   8m41s

==> v1/ServiceAccount
NAME     SECRETS  AGE
graylog  1        8m41s

==> v1/StatefulSet
NAME     READY  AGE
graylog  5/5    8m41s

==> v1beta1/Role
NAME     AGE
graylog  8m41s

==> v1beta1/RoleBinding
NAME     AGE
graylog  8m41s

NOTES:
To connect to your Graylog server:

1. Get the application URL by running these commands:

  export NODE_PORT=$(kubectl get --namespace graylog -o jsonpath="{.spec.ports[0].nodePort}" services graylog)
  export NODE_IP=$(kubectl get nodes --namespace graylog -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT

2. The Graylog root users

  echo "User: admin"
  echo "Password: $(kubectl get secret --namespace graylog graylog -o "jsonpath={.data['graylog-password-secret']}" | base64 --decode)"

To send logs to graylog:

  NOTE: If `graylog.input` is empty, you cannot send logs from other services. Please make sure the value is not empty.
        See https://github.com/helm/charts/tree/master/stable/graylog#input for detail
1. TCP
  export NODE_PORT=$(kubectl get --namespace graylog -o jsonpath="{.spec.ports[0].nodePort}" services graylog)
  export NODE_IP=$(kubectl get nodes --namespace graylog -o jsonpath="{.items[0].status.addresses[0].address}")
  echo $NODE_IP:$NODE_PORT

What you expected to happen: Graylog Web interface should open

flyinbutrs commented 4 years ago

I have a similar issue. I've got it set up with annotations to have an ELB in front, but loading the Web service through the container, I still see the container IP address as where it's trying to load the js files from.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.

mukeshchouhan commented 4 years ago

Got it fixed by adding ingress through value.yml

flyinbutrs commented 4 years ago

@mukeshchouhan - any chance you could post an anonymized version of that values.yml? I haven't been able to get it working.

mukeshchouhan commented 4 years ago

Please find below the sample values.yml file. I have deployed elastic and mongodb instances separately.

# Default values for Graylog.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

rbac:
  # Specifies whether RBAC resources should be created
  ##
  create: true

serviceAccount:
  # Specifies whether a ServiceAccount should be created
  ##
  create: true
  # The name of the ServiceAccount to use.
  # If not set and create is true, a name is generated using the fullname template
  ##
  name:

tags:
  # If true, this chart will install Elasticsearch from requirement dependencies
  install-elasticsearch: false
  # If true, this chart will install MongoDB replicaset from requirement dependencies
  install-mongodb: false

graylog:
  ## Graylog image version
  ## Ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  ## Important note: The official Graylog Docker image may replace existing Docker image tags, which can cause corruption when starting the pod.
  ## Make sure you stick with the `x` version of Graylog, where `x` is ${version}-${x}
  ##
  image:
    repository: "docker.prod.foo.com:5000/graylog:3.1"
    pullPolicy: "IfNotPresent"

  ## Number of Graylog instances
  ##
  replicas: 5

  ## Additional environment variables to be added to Graylog pods
  ##
  env: {
    "http_proxy": "http://proxy.foo.com:8080",
    "https_proxy": "http://proxy.foo.com:8080"
  }

  ## Pod affinity
  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
  ##
  affinity: {}

  ## Node tolerations for node-exporter scheduling to nodes with taints
  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
  ##
  tolerations: []
    # - key: "key"
    #   operator: "Equal|Exists"
    #   value: "value"
    #   effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"

  ## Node labels for node-exporter pod assignment
  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
  ##
  nodeSelector: {dc: abc}

  ## Annotations to be added to Graylog pods
  ##
  podAnnotations: {}

  persistence:
    ## If true, Graylog will create/use a Persistent Volume Claim
    ## If false, use emptyDir
    ##
    enabled: true
    ## Graylog data Persistent Volume access modes
    ## Must match those of existing PV or dynamic provisioner
    ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
    ##
    accessMode: ReadWriteOnce
    ## Graylog data Persistent Volume size
    ##
    size: "500G"
    ## Graylog data Persistent Volume Storage Class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is
    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
    ##   GKE, AWS & OpenStack)
    ##
    storageClass: "local-storage"

  ## Additional plugins you need to install on Graylog.
  ##
  plugins:
    - name: graylog-plugin-slack-notification-3.1.1.jar
      url: https://github.com/omise/graylog-plugin-slack-notification/releases/download/v3.1.1/graylog-plugin-slack-notification-3.1.1.jar
    # - name: graylog-plugin-function-check-diff-1.0.0.jar
    #   url: https://github.com/omise/graylog-plugin-function-check-diff/releases/download/1.0.0/graylog-plugin-function-check-diff-1.0.0.jar
    # - name: graylog-plugin-auth-sso-3.0.0.jar
    #   url: https://github.com/Graylog2/graylog-plugin-auth-sso/releases/download/3.0.0/graylog-plugin-auth-sso-3.0.0.jar

  ## Additional init containers
  ##
  extraInitContainers: []

  ## Additional volume mounts
  ##
  extraVolumeMounts: []

  ## Additional volumes
  ##
  extraVolumes: []

  ## A service for Graylog web interface
  ##
  service:
    type: ClusterIP
    port: 9000

    master:
      ## Graylog master service Ingress annotations
      ##
      annotations: {}
      ## Graylog master service port.
      ##
      port: 9000

  ## Additional input ports for receiving logs from servers
  ## Note: Name must be in IANA_SVC_NAME (at most 15 characters, matching regex [a-z0-9]([a-z0-9-]*[a-z0-9])*, it must contain at least one letter [a-z], and hyphens cannot be adjacent to other hyphens)
  ## Note: Array must be sorted by port order
  ##
  input:
   tcp:
     service:
       type: NodePort
     ports:
       - name: filebeat
         port: 5044
         nodePort: 32388
       - name: gelf-tcp
         port: 5045
         nodePort: 32389
       - name: gelf-http
         port: 5046
         nodePort: 32390
       - name: gelf-tls
         port: 5047
         nodePort: 32391
   udp:
     service:
       type: NodePort
     ports:
       - name: syslog
         port: 12222
         nodePort: 32392
       - name: gelf-udp
         port: 5048
         nodePort: 32393
  ingress:
    ## If true, Graylog server Ingress will be created
    ##
    enabled: true
    ## Graylog server Ingress annotations
    ##
    annotations:
      ## Annotation values must be strings, so the booleans are quoted
      kubernetes.io/ingress.allow-http: "true"
      nginx.ingress.kubernetes.io/ssl-redirect: "false"
    ## Graylog server Ingress hostnames with optional path
    ## Must be provided if Ingress is enabled
    ## Note: Graylog does not support two URLs. You can specify only a single URL
    ##
    hosts:
      - graylog.k8s-infra.prod.foo.com

    ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
    extraPaths: []
    # - path: /*
    #   backend:
    #     serviceName: ssl-redirect
    #     servicePort: use-annotation

    ## Graylog server Ingress TLS configuration
    ## Secrets must be manually created in the namespace
    ##
    tls: []
    #   - secretName: graylog-server-tls
    #     hosts:
    #       - graylog.yourdomain.com

  ## Configure resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources:
    limits:
      cpu: "6"
      memory: "10G"
    requests:
      cpu: "6"
      memory: "10G"

  ## Set Graylog Java heapsize. If this value is empty, the chart will allocate heapsize using `-XX:+UseCGroupMemoryLimitForHeap`
  ## ref: https://blogs.oracle.com/java-platform-group/java-se-support-for-docker-cpu-and-memory-limits
  ##
  heapSize: "7G"

  ## RollingUpdate update strategy
  ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
  ##
  updateStrategy: RollingUpdate
  ## Graylog server pod termination grace period
  ##
  terminationGracePeriodSeconds: 120

  metrics:
    ## If true, prometheus annotations will be attached
    ##
    enabled: false

  geoip:
    ## If true, Maxmind GeoLite2 will be installed to ${GRAYLOG_HOME}/geoip location
    ##
    enabled: false

  ## Graylog root user name
  ##
  rootUsername: "admin"

  ## Graylog root password
  ## Defaults to a random 16-character alphanumeric string if not set
  ##
  rootPassword: "graylog@s1234"

  ## Graylog root email
  ##
  rootEmail: ""

  ## Graylog root timezone
  ##
  rootTimezone: "UTC"

  ## Graylog existing root secret
  ##
  existingRootSecret: ""

  elasticsearch:
    ## List of Elasticsearch hosts Graylog should connect to.
    ## Need to be specified as a comma-separated list of valid URIs for the http ports of your elasticsearch nodes.
    ## If one or more of your elasticsearch hosts require authentication, include the credentials in each node URI that
    ## requires authentication.
    ##
    # hosts: http://elasticsearch-client.graylog.svc.cluster.local:9200
    hosts: http://elastic-client.default.svc.cluster.local:9200

  mongodb:
    ## MongoDB connection string
    ## See https://docs.mongodb.com/manual/reference/connection-string/ for details
    # uri: mongodb://user:pass@host1:27017,host2:27017,host3:27017/graylog?replicaSet=rs01
    uri: mongodb://mongodb-replicaset-0.mongodb-replicaset.default.svc.cluster.local:27017,mongodb-replicaset-1.mongodb-replicaset.default.svc.cluster.local:27017,mongodb-replicaset-2.mongodb-replicaset.default.svc.cluster.local:27017/graylog?replicaSet=rs0

    ## Increase this value according to the maximum connections your MongoDB server can handle from a single client
    ## if you encounter MongoDB connection problems.
    ##
    maxConnections: 1000

  transportEmail:
    ## If true, enable Email transport.
    ## See http://docs.graylog.org/en/3.0/pages/configuration/server.conf.html#email for detail
    ##
    enabled: true
    hostname: "smtp.foo.com"
    port: 25
    useAuth: false
    useTls: false
    useSsl: false
    authUsername: ""
    authPassword: ""
    subjectPrefix: "[graylog]"
    fromEmail: "noreply-graylog@foo.com"

  ## Additional graylog config which is defined on `graylog.conf`.
  ## You can find a complete list of graylog config from http://docs.graylog.org/en/3.0/pages/configuration/server.conf.html
  ## Graylog config is written in Java properties format. Make sure you write it correctly.
  ##
  # config: |
  #   elasticsearch_connect_timeout = 10s
  #   elasticsearch_socket_timeout = 60s
  #   elasticsearch_idle_timeout = -1s

  journal:
    ## Sometimes the Graylog journal grows continually or becomes corrupt, leaving Graylog unable to start.
    ## You need to clean up all journal files in order to run the Graylog.
    ## Change `graylog.journal.deleteBeforeStart` to `true` to delete all journal files before start
    ## Note: All uncommitted logs will be permanently DELETED when this value is true
    ##
    deleteBeforeStart: false

  init:
    # Additional environment variables to be added to Graylog initContainer
    env: {}

    # Configure resource requests and limits for the Graylog StatefulSet initContainer
    resources: {}

  ## Additional server files will be deployed to /etc/graylog/server
  ## For example, you can put server certificates or authorized clients certificates here
  ##
  serverFiles: {}
    # graylog-server.key: |
    # graylog-server.cert: |

  ## Specify a Bash script to run as Kubernetes Job (running on Alpine with curl and bash packages already installed).
  ## Useful for calling the API to pre-configure some aspect of Graylog, as in the example.
  ##
  provisioner:
    enabled: false
    # script: |
    #  json='{
    #    "username_header": "X-Auth-Request-User",
    #    "fullname_header": "X-Auth-Request-User",
    #    "email_header": "X-Auth-Request-Email",
    #    "default_group": "Admin",
    #    "auto_create_user": true,
    #    "require_trusted_proxies": true,
    #    "trusted_proxies": "0.0.0.0/0",
    #    "default_email_domain": "mydomain.com",
    #    "sync_roles": false,
    #    "roles_header": "Roles"
    #  }'
    #  curl -v -u "admin:$GRAYLOG_PASSWORD_SECRET" -X PUT --header 'Content-Type: application/json' --header 'X-Requested-By: localhost' --data-binary "${json}" http://graylog-master:9000/api/plugins/org.graylog.plugins.auth.sso/config

## Specify Elasticsearch version from requirement dependencies. Ignore this section if you install Elasticsearch manually.
## Note: Graylog 2.4 requires Elasticsearch version <= 5.6
# elasticsearch:
#   image:
#     repository: "docker.elastic.co/elasticsearch/elasticsearch-oss"
#     tag: "6.5.4"
#   cluster:
#     xpackEnable: false
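
For anyone reusing the values file above: its ingress and root-credential settings as posted, beside a stricter variant (an added example, not part of the original comment or the chart's own defaults). It uses only keys that appear in the posted file; `graylog-root` is a hypothetical Secret name, `graylog-server-tls` is the placeholder from the file's commented sample, and the keys the chart expects inside the root Secret are not shown on this page.

```yaml
# Added example, not from the original post. Two YAML documents are shown for
# comparison; a real values file contains only one of them.

# --- As posted (annotation values quoted as strings) ---
# The ingress serves the web interface, including the admin login, over plain
# HTTP, and the root password sits in the values file and in the Helm release
# record.
graylog:
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.allow-http: "true"
      nginx.ingress.kubernetes.io/ssl-redirect: "false"
    hosts:
      - graylog.k8s-infra.prod.foo.com
    tls: []
  rootPassword: "graylog@s1234"
  existingRootSecret: ""
---
# --- Stricter variant ---
# TLS terminates at the ingress, HTTP is redirected or refused, and the root
# credentials come from a Secret created outside the chart.
graylog:
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.allow-http: "false"
      nginx.ingress.kubernetes.io/ssl-redirect: "true"
    hosts:
      - graylog.k8s-infra.prod.foo.com
    tls:
      # Placeholder name; the TLS Secret must be created manually in the
      # namespace, as the comment in the posted file says.
      - secretName: graylog-server-tls
        hosts:
          - graylog.k8s-infra.prod.foo.com
  # rootPassword is left out so no credential is stored in the values file.
  # "graylog-root" is a hypothetical name for a pre-created Secret.
  existingRootSecret: "graylog-root"
```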

flyinbutrs commented 4 years ago

Hate to be a pain, but could you edit that comment to have the YAML as either an attachment or inside of a code block? The indentations got all messed up by how you posted it.

mukeshchouhan commented 4 years ago

@flyinbutrs updated the yaml.