Open bramamad opened 3 years ago
Will someone have a look at this error ? Or what can I do for solving this problem ?
Hello, I'm having the same problem, did you find a solution ?
Hi, no I never got a solution for this fluentd problem. - Now I changed it and we use filebeat with kafka output as log collector. That works and is a lot more easier. Unfortunately, it is a site specific solution.
Hello, I finally found the solution in banzaicloud documentation, edit the output yaml configuration and replace the keys "valueFrom" by "mountFrom". It will automaticcaly mount the secrets in files, and use these files in the fluentd configuration. It would be great if rancher could generate the configuration with the right keys !
This repository uses a bot to automatically label issues which have not had any activity (commit/comment/label) for 60 days. This helps us manage the community issues better. If the issue is still relevant, please add a comment to the issue so the bot can remove the label and we know it is still valid. If it is no longer relevant (or possibly fixed in the latest release), the bot will automatically close the issue in 14 days. Thank you for your contributions.
Similar issue with Splunk https://github.com/rancher/rancher/issues/31810
This is a bug in the upstream chart https://github.com/banzaicloud/logging-operator/issues/833 I do not know of any workarounds at this time.
Setting as “Need Info” as full-in for Blocked status as we’re blocked by upstream issue.
There is an underlying Rancher UI bug here, since, the form for ClusterOutput, let's say for elasticsearch, will offer the user to choose a secret (for example as a ca_file)
and would generate in the YAML valueFrom
instead of the expected mountFrom
:
@belgaied2 Does that mean if we did the yaml correctly, then this use case would work?
@deniseschannon That's what I tested, the ClusterOutput would work correctly (at least in my tests with Elasticsearch). As the Logging Operator is supposed to take mountFrom
instead of valueFrom
, the bug referenced by @paynejacob is actually one that can cause misconfiguration because valueFrom
is accepted for SSL certificates where it should not!
As mentioned above by @bsauvajon _
Hello, I finally found the solution in banzaicloud documentation, edit the output yaml configuration and replace the keys "valueFrom" by "mountFrom". It will automaticcaly mount the secrets in files, and use these files in the fluentd configuration. It would be great if rancher could generate the configuration with the right keys !
So, basically, though Rancher is capable through the UI abstraction to avoid the possible misconfiguration by generating the right mountFrom
, it does cause the misconfiguration by generating valueFrom
.
So, yes, short answer is : generating the yaml correctly would most certainly solve the issue/use case.
BTW @deniseschannon the problem at hand is better described in this issue : rancher/dashboard#5157
Thanks for your detail @belgaied2!
Since these look like UI related issues, I've transferred them into the dashboard repo, but in general, any and all UI issues should be filed in rancher/dashboard
What kind of request is this (question/bug/enhancement/feature request):
Steps to reproduce (least amount of steps as possible):
Result:
read' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluent-plugin-kafka-0.14.0/lib/fluent/plugin/kafka_plugin_util.rb:41:in
read_ssl_file' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluent-plugin-kafka-0.14.0/lib/fluent/plugin/out_kafka2.rb:109:inrefresh_client' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluent-plugin-kafka-0.14.0/lib/fluent/plugin/out_kafka2.rb:182:in
start' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:200:inblock in start' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:179:in
block (2 levels) in lifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/agent.rb:121:inblock (2 levels) in lifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/agent.rb:120:in
each' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/agent.rb:120:inblock in lifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/agent.rb:113:in
each' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/agent.rb:113:inlifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:178:in
block in lifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:175:ineach' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:175:in
lifecycle' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/root_agent.rb:199:instart' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/engine.rb:248:in
start' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/engine.rb:147:inrun' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/supervisor.rb:603:in
block in run_worker' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/supervisor.rb:840:inmain_process' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/supervisor.rb:594:in
run_worker' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/lib/fluent/command/fluentd.rb:361:in<top (required)>' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:72:in
require' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/2.7.0/rubygems/core_ext/kernel_require.rb:72:inrequire' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/lib/ruby/gems/2.7.0/gems/fluentd-1.11.2/bin/fluentd:8:in
<top (required)>' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/bin/fluentd:23:inload' 2020-11-25 09:06:03 +0000 [error]: fluent/supervisor.rb:839:main_process: /usr/bin/fluentd:23:in
Other details that may be helpful:
ssl_client_cert -----BEGIN CERTIFICATE----- MIIGuDCCBaCgAwIBAgIUGhRjYZfN/5vrp6g81IWZiBFEnaowDQYJKoZIhvcNAQEL .............. 9IK9neCAOVxetolNOHhJ9Nk4ikimbMVK05ccBminuA58YKy7GdW3JkW2gl8= -----END CERTIFICATE-----
ssl_client_cert_key -----BEGIN PRIVATE KEY----- MIIEvgIBADAN...................... BdHSVLoJvXTOmHNLQfqQuNuZpLzlzSS44oRg26lr8AOWVaCfRPZ1Qw1UiqyIB6OP nh4qO1W8QOa10RnTBGyldJOu -----END PRIVATE KEY-----
ssl_client_cert /fluentd/etc/config/ssl/cluster_c-9d8lb_client-cert.pem ssl_client_cert_key /fluentd/etc/config/ssl/cluster_c-9d8lb_client-key.pem container (1).log
Environment information
rancher/rancher
/rancher/server
image tag or shown bottom left in the UI): v2.5.2