I tried to declare variable on the system with:
export FLUENTD_USER=myuserexport FLUENTD_PASSWORD=mypassword
But when I start up td-agent this is my log:
2021-10-22 14:48:12 +0000 [warn]: #0 Could not communicate to Elasticsearch, resetting connection and trying again. [401] {"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [] for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [] for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}
2021-10-22 14:48:12 +0000 [warn]: #0 Remaining retry: 10. Retry to communicate after 32 second(s).
Seems like credentials are not interpolated. If I just put the plain text credentials in elasticsearch.conf it works just fine.
I also tried to sudo -u td-agent echo $FLUENTD_PASSWORD and it shows the correct value of the variable.
Steps to replicate
Configure td-agent to use environment variables in configs instead of plain text credentials:
user "#{ENV['FLUENTD_USER']}"
password "#{ENV['FLUENTD_PASSWORD']}"
Problem
Hello, I'm having issues in using environment variables for ES credentials. My configs are structured like this:
elasticsearch.conf
file is:"I'm running
td-agent 4.2.0 fluentd 1.13.3 (12de3b5a260a174fe4a419036d6e2b2e18fe7497)
onI tried to declare variable on the system with:
export FLUENTD_USER=myuser
export FLUENTD_PASSWORD=mypassword
But when I start up td-agent this is my log:
Seems like credentials are not interpolated. If I just put the plain text credentials in
elasticsearch.conf
it works just fine.I also tried to
sudo -u td-agent echo $FLUENTD_PASSWORD
and it shows the correct value of the variable.Steps to replicate
Configure td-agent to use environment variables in configs instead of plain text credentials:
Export the variables:
Start up
td-agent
service.Expected Behavior or What you need to ask
How should this be configured to avoid plain text credentials in configs files?
Using Fluentd and ES plugin versions
Ubuntu 20.04.3 LTS"
td-agent 4.2.0 fluentd 1.13.3 (12de3b5a260a174fe4a419036d6e2b2e18fe7497)
fluentd --version
ortd-agent --version
elasticsearch (7.13.3) elasticsearch-api (7.13.3) elasticsearch-transport (7.13.3)