Details
-
Bug
-
Resolution: Done
-
Undefined
-
Logging 5.4.0
-
False
-
False
-
NEW
-
OBSDA-108 - Distribute an alternate Vector Log Collector
-
VERIFIED
Description
Description of the problem:
When a ClusterLogForwarder to forward logs to external elasticsearch is created with a secret containing basic auth creds, the creds are not added to the generated Vector config.
Steps to reproduce the issue:
1 Create a ClusterLogging instance with Vector as the collector.
2 Create a secret with basic auth.
oc create secret generic pipelinesecret --from-literal=username=redhat --from-literal=password=redhat oc get secrets pipelinesecret -o yaml apiVersion: v1 data: password: cmVkaGF0 username: cmVkaGF0 kind: Secret metadata: creationTimestamp: "2021-12-17T07:49:07Z" name: pipelinesecret namespace: openshift-logging resourceVersion: "104959" uid: 9ad89b6b-a002-4e77-b1bd-a8274ad01811 type: Opaque
3 Create a ClusterLogForwarder instance to forward logs to an external elasticsearch instance and containing the basic auth secret.
apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
name: instance
namespace: openshift-logging
spec:
outputs:
- name: es-created-by-user
type: elasticsearch
url: 'http://elasticsearch-server.openshift-logging.svc:9200'
secret:
name: pipelinesecret
pipelines:
- name: forward-to-external-es
inputRefs:
- infrastructure
- application
- audit
outputRefs:
- es-created-by-user
4 Extract and check the generated Vector config.
oc extract cm/collector [sinks.es_created_by_user] type = "elasticsearch" inputs = ["elasticsearch_preprocess"] endpoint = "http://elasticsearch-server.openshift-logging.svc:9200" index = "{{ log_type }}-write" request.timeout_secs = 2147483648 bulk_action = "create" id_key = "_id" # Basic Auth Config [sinks.es_created_by_user.auth] strategy = "basic" user = "" password = ""
