Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-2056

Wrong certificates used by fluentd when log forwarding to external Elasticsearch and defined structuredTypeKey

XMLWordPrintable

    • False
    • False
    • NEW
    • VERIFIED
    • Hide
      Before this update, when the ClusterLogForwarder was setup with Elasticsearch OutputDefault, and Elasticsearch outputs did not have structured keys, the output secret with the default secret used to communicate to the default log store. This update corrects the secret used.
      Show
      Before this update, when the ClusterLogForwarder was setup with Elasticsearch OutputDefault, and Elasticsearch outputs did not have structured keys, the output secret with the default secret used to communicate to the default log store. This update corrects the secret used.
    • Logging (Core) - Sprint 211

      ENV

       

      $ oc get csv
      NAME                              DISPLAY                            VERSION    REPLACES                          PHASE
      cluster-logging.5.3.0-55          Red Hat OpenShift Logging          5.3.0-55   cluster-logging.5.2.3-31          Succeeded
      elasticsearch-operator.5.3.0-67   OpenShift Elasticsearch Operator   5.3.0-67   elasticsearch-operator.5.2.3-31   Succeeded

      ISSUE

      Having a ClusterLogForwarder configuration like this:

       

      spec:
        outputDefaults:
          elasticsearch:
            structuredTypeKey: kubernetes.labels.app
            structuredTypeName: nologformat
        outputs:
        - name: external-elasticsearch
          secret:
            name: log-forwarder-secret
          type: elasticsearch
          url: https://elasticsearch.example.com:443
        pipelines:
        - inputRefs:
          - application
          name: application-logs
          outputRefs:
          - external-elasticsearch
          parse: json

       

      Then fluentd config generated is like this:

       

      $ oc get cm collector -o json | jq '.data."fluent.conf"' -r

      ...

        <match **>
          @type elasticsearch
          @id external_elasticsearch
          host elasticsearch.example.com
          port 443
          verify_es_version_at_startup false
          scheme https
          ssl_version TLSv1_2
          client_key '/var/run/ocp-collector/secrets/collector/tls.key'
          client_cert '/var/run/ocp-collector/secrets/collector/tls.crt'
          ca_file '/var/run/ocp-collector/secrets/collector/ca-bundle.crt'
          target_index_key viaq_index_name

       

      Where it's visible that the `client_key`, `client_cert` and `ca_file` are wrong.

       

      This only happens when you define in the CLF this section:

        outputDefaults:
          elasticsearch:
            structuredTypeKey: kubernetes.labels.app
            structuredTypeName: nologformat

       

      If the CLF instance definition is like this:

      spec:
        outputs:
        - name: external-elasticsearch
          secret:
            name: log-forwarder-secret
          type: elasticsearch
          url: https://elasticsearch.example.com:443
        pipelines:
        - inputRefs:
          - application
          name: application-logs
          outputRefs:
          - external-elasticsearch
          parse: json

      The fluentd config generated is correct.

            jcantril@redhat.com Jeffrey Cantrill
            rhn-support-ocasalsa Oscar Casal Sanchez
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: