getaddrinfo(host='cloud.humio.com:443'): Name or service not known

[gregbird101]

Situation: I have followed the instructions to launch the helm chart and I get the below error Background: Followed these instructions https://library.humio.com/stable/docs/ingesting-data/log-formats/kubernetes/index.html Assessment: It seems that the fluentbit container is unable to resolve DNS however loading up a DNS utils pod in the same namespace it can Recommendation: I have tried IP the cloud humio IP addresses and other enpoint options https://library.humio.com/reference/endpoints/#endpoints

Any help would be welcome - is it possible to launch the helm chart with the fluentbit debug pod to allow shell or bash?

[2022/01/31 09:50:47] [ warn] net_tcp_fd_connect: getaddrinfo(host='cloud.humio.com:443'): Name or service not known
[2022/01/31 09:50:47] [ warn] net_tcp_fd_connect: getaddrinfo(host='cloud.humio.com:443'): Name or service not known
[2022/01/31 09:50:47] [ warn] net_tcp_fd_connect: getaddrinfo(host='cloud.humio.com:443'): Name or service not known
[2022/01/31 09:50:47] [error] [io_tls] flb_io_tls.c:359 NET - Connection was reset by peer
[2022/01/31 09:50:47] [error] [io_tls] flb_io_tls.c:359 NET - Connection was reset by peer
[2022/01/31 09:50:47] [error] [io_tls] flb_io_tls.c:359 NET - Connection was reset by peer

Actions: Setup helm

helm repo add humio https://humio.github.io/humio-helm-charts
helm repo update

Create file: humio-agent.yml

humio-fluentbit:
  enabled: true
  humioHostname: cloud.humio.com:9200
  es:
    tls: true

Setup Helm

helm install humio humio/humio-helm-charts \
  --namespace logging \
  --set humio-fluentbit.token=REDACTED \
  --values humio-agent.yml

Create DNS utils

apiVersion: v1
kind: Pod
metadata:
  name: dnsutils
  namespace: logging
spec:
  containers:
  - name: dnsutils
    image: k8s.gcr.io/e2e-test-images/jessie-dnsutils:1.3
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"
  restartPolicy: Always

Check all DNS is working

kubectl exec -n logging -i -t dnsutils -- nslookup cloud.humio.com
kubectl exec -n logging -ti dnsutils -- cat /etc/resolv.conf
kubectl get pods --namespace=kube-system -l k8s-app=kube-dns
kubectl get svc --namespace=kube-system 
kubectl get endpoints kube-dns --namespace=kube-system

--- Update ---

• I have rebuilt the helm chart with image: fluent/fluent-bit:1.8.12-debug
• Upped the ram
• install iputils-ping
• Can ping below

  root@humio-fluentbit-hn58j:/# ping cloud.humio.com
  PING cloud.humio.com (3.123.183.86) 56(84) bytes of data.
  ^C
  --- cloud.humio.com ping statistics ---
  3 packets transmitted, 0 received, 100% packet loss, time 2000ms

• apt install telnet

  root@humio-fluentbit-hn58j:/# telnet cloud.humio.com 443
  Trying 3.66.81.63...
  Connected to cloud.humio.com.

• apt install curl

  root@humio-fluentbit-hn58j:/# curl -k https://cloud.humio.com
  <!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="referrer" content="no-referrer"><meta http-equiv="x-ua-compatible" content="ie=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#456CE3"><meta name="application-name" content="Humio"><base href="/"/><meta name="api-url" content="/"><meta name="color-scheme" content="dark light"><link rel="shortcut icon" href="favicon.ico"><title>Humio</title><script defer="defer" src="./static/js/runtime~main.97e6f1d1.js"></script><script defer="defer" src="./static/js/144.065ba5b6.js"></script><script defer="defer" src="./static/js/main.4131c5af.js"></script><link href="./static/css/main.38396a22.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run Humio.</noscript><div id="browser-support" style="display:none;z-index:2;position:fixed;top:0;left:0;right:0;background-color:red;color:#fff;padding:20px"><div style="text-align:center"><div style="display:inline-block;text-align:left;vertical-align:middle"><span style="font-weight:700">Your browser version is not supported by Humio.</span> As a result you may broken functionality and visual errors.<br/>We recommend using one of the following browsers for the best experience:<div id="browser-support__versions" style="text-transform:capitalize"></div></div><div style="display:inline-block;color:#000;margin-left:30px;vertical-align:middle"><button id="browser-support__close">Close</button></div></div></div><div id="root" style="z-index:1;position:relative"><div id="elm-isolation"></div></div></body></html>root@humio-fluentbit-hn58j:/#

------- PARTIAL SOLVE ------------- edit the values.yaml humio-helm/humio-helm-charts/charts/humio-fluentbit/values.yaml

outputConfig: |-
  [OUTPUT]
      Name  es
      Match *
      Host cloud.humio.com <=========== HARDCODED
      Port 443 <==================== HARDCODED
      tls ${FLUENT_ELASTICSEARCH_TLS}
      tls.verify true <================= HARDCODED
      HTTP_User test123
      HTTP_Passwd ${HUMIO_INGEST_TOKEN}
      Logstash_Format On
      Retry_Limit False
      Type  flb_type
      Time_Key @timestamp
      Replace_Dots On
      Logstash_Prefix FluentBitHelmChart
      Buffer_Size 5MB

helm upgrade humio ./humio-helm/humio-helm-charts --set humio-fluentbit.token=REDACTED --namespace logging --values humio-agent.yml I get data in humio syslog-k8s: 23423 errors 23423 events

------- SOLVE ------------ Its to do with the :433

THIS BREAKS

humio-fluentbit:
  enabled: true
  humioHostname: cloud.humio.com:443
  es:
    tls: true

THIS WORKS

humio-fluentbit:
  enabled: true
  humioHostname: cloud.humio.com
  es:
    tls: true

Detail: Where i fell down is in the documentation "Replace $YOUR_HUMIO_URL with the hostname of your Humio installation." in here It links straight to endpoints Which has both URL and PORT.

Would it be possible to add an example of the above?

Also further Options could be that we split out the URL and port so when its passed to the values.yml it doesn't get evaluated as one?