Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: Logging 5.5.0
Affects Version/s: Logging 5.5.0
Component/s: Log Collection
Labels:
- devel_ack+

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
Enable STS Cloudwatch Role
Docs QE Status:
NEW
QE Status:
VERIFIED
Steps to Reproduce:
Hide

Version-Release number

Cluster-logging-operator:5.5 commit date: Thu Jun 16 18:28:20 2022 +0000 commit.id: "f7c44df1e9ce0b4b787c28bce09ae19747a883d0";

1. Create IAM Roles and AWS STS secret for logging on the STS cluster.
https://gitlab.cee.redhat.com/aosqe/aosqe-tools/-/blob/master/logging/log_template/cloudwatch/deploy_aws-sts_secret.sh
2. Deploy CLF

apiVersion: logging.openshift.io/v1 kind: ClusterLogForwarder metadata: name: instance namespace: openshift-logging spec: outputs: - name: cloudwatch type: cloudwatch cloudwatch: groupBy: logType region: us-east-2 secret: name: cloudwatch-credentials pipelines: - name: to-cloudwatch inputRefs: - infrastructure - application - audit outputRefs: - cloudwatch

3. Deploy ClusterLogging instance

apiVersion: "logging.openshift.io/v1" kind: "ClusterLogging" metadata: name: "instance" namespace: openshift-logging spec: managementState: "Managed" collection: logs: type: "fluentd" fluentd: {}
Show
Version-Release number Cluster-logging- operator :5.5 commit date: Thu Jun 16 18:28:20 2022 +0000 commit.id: "f7c44df1e9ce0b4b787c28bce09ae19747a883d0" ; 1. Create IAM Roles and AWS STS secret for logging on the STS cluster. https://gitlab.cee.redhat.com/aosqe/aosqe-tools/-/blob/master/logging/log_template/cloudwatch/deploy_aws-sts_secret.sh 2. Deploy CLF apiVersion: logging.openshift.io/v1 kind: ClusterLogForwarder metadata: name: instance namespace: openshift-logging spec: outputs: - name: cloudwatch type: cloudwatch cloudwatch: groupBy: logType region: us-east-2 secret: name: cloudwatch-credentials pipelines: - name: to-cloudwatch inputRefs: - infrastructure - application - audit outputRefs: - cloudwatch 3. Deploy ClusterLogging instance apiVersion: "logging.openshift.io/v1" kind: "ClusterLogging" metadata: name: "instance" namespace: openshift-logging spec: managementState: "Managed" collection: logs: type: "fluentd" fluentd: {}

Sprint:
Logging (Core) - Sprint 220, Log Collection - Sprint 221

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

When using sts role secret, the clf/instance raises error below.

{
  "conditions": [
    
{       "lastTransitionTime": "2022-06-17T06:03:08Z",       "message": "all pipelines invalid: [to-cloudwatch]",       "reason": "Invalid",       "status": "False",       "type": "Ready"     }
  ],
  "outputs": {
    "cloudwatch": [
      
{         "lastTransitionTime": "2022-06-17T06:03:08Z",         "message": "auth keys: aws_access_key_id and aws_secret_access_key are required",         "reason": "MissingResource",         "status": "False",         "type": "Ready"       }
    ]
  },
  "pipelines": {
    "to-cloudwatch": [
      
{         "lastTransitionTime": "2022-06-17T06:03:08Z",         "message": "invalid: unrecognized outputs: [cloudwatch], no valid outputs",         "reason": "Invalid",         "status": "False",         "type": "Ready"       }
    ]
  }
}

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

deploy_aws-sts_secret_new.sh
4 kB
2022/06/24 2:48 PM

relates to

LOG-2767 sts cloudwatch secret should accept the secret format from credential requests

Closed

Assignee:: Casey Hartman

Reporter:: Anping Li

QA Contact:: Anping Li

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2022/06/17 6:12 AM

Updated:: 2022/08/03 6:15 PM

Resolved:: 2022/07/05 2:36 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates