Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-2742

unrecognized outputs when use the sts role secret

XMLWordPrintable

    • False
    • None
    • False
    • NEW
    • OBSDA-59 - CloudWatch log forwarding add-on needs to support STS installations
    • VERIFIED
    • Hide

      Version-Release number

      Cluster-logging-operator:5.5
commit date: Thu Jun 16 18:28:20 2022 +0000
commit.id: "f7c44df1e9ce0b4b787c28bce09ae19747a883d0";

      1. Create IAM Roles and AWS STS secret for logging on the STS cluster.
      https://gitlab.cee.redhat.com/aosqe/aosqe-tools/-/blob/master/logging/log_template/cloudwatch/deploy_aws-sts_secret.sh
      2. Deploy CLF

      apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
  - name: cloudwatch
    type: cloudwatch
    cloudwatch:
      groupBy: logType
      region: us-east-2
    secret:
      name: cloudwatch-credentials
  pipelines:
  - name: to-cloudwatch
    inputRefs:
    - infrastructure
    - application
    - audit
    outputRefs:
    - cloudwatch

      3. Deploy ClusterLogging instance

      apiVersion: "logging.openshift.io/v1"
kind: "ClusterLogging"
metadata:
  name: "instance"
  namespace: openshift-logging
spec:
  managementState: "Managed"
  collection:
    logs:
      type: "fluentd"
      fluentd: {}
      Show
      Version-Release number Cluster-logging- operator :5.5 commit date: Thu Jun 16 18:28:20 2022 +0000 commit.id: "f7c44df1e9ce0b4b787c28bce09ae19747a883d0" ; 1. Create IAM Roles and AWS STS secret for logging on the STS cluster. https://gitlab.cee.redhat.com/aosqe/aosqe-tools/-/blob/master/logging/log_template/cloudwatch/deploy_aws-sts_secret.sh 2. Deploy CLF apiVersion: logging.openshift.io/v1 kind: ClusterLogForwarder metadata:   name: instance   namespace: openshift-logging spec:   outputs:   - name: cloudwatch     type: cloudwatch     cloudwatch:       groupBy: logType       region: us-east-2     secret:       name: cloudwatch-credentials   pipelines:   - name: to-cloudwatch     inputRefs:     - infrastructure     - application     - audit     outputRefs:     - cloudwatch 3. Deploy ClusterLogging instance apiVersion: "logging.openshift.io/v1" kind: "ClusterLogging" metadata:   name: "instance"   namespace: openshift-logging spec:   managementState: "Managed"   collection:     logs:       type: "fluentd"       fluentd: {}
    • Logging (Core) - Sprint 220, Log Collection - Sprint 221

      When using sts role secret, the clf/instance raises error below. 

      {
  "conditions": [
    
{       "lastTransitionTime": "2022-06-17T06:03:08Z",       "message": "all pipelines invalid: [to-cloudwatch]",       "reason": "Invalid",       "status": "False",       "type": "Ready"     }
  ],
  "outputs": {
    "cloudwatch": [
      
{         "lastTransitionTime": "2022-06-17T06:03:08Z",         "message": "auth keys: aws_access_key_id and aws_secret_access_key are required",         "reason": "MissingResource",         "status": "False",         "type": "Ready"       }
    ]
  },
  "pipelines": {
    "to-cloudwatch": [
      
{         "lastTransitionTime": "2022-06-17T06:03:08Z",         "message": "invalid: unrecognized outputs: [cloudwatch], no valid outputs",         "reason": "Invalid",         "status": "False",         "type": "Ready"       }
    ]
  }
}
 

       

        1. deploy_aws-sts_secret_new.sh
          4 kB

            cahartma@redhat.com Casey Hartman
            rhn-support-anli Anping Li
            Anping Li Anping Li
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: