Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-3313

Can't forward logs to lokistack without gateway.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Undefined Undefined
    • None
    • Logging 5.6.0
    • Log Collection
    • False
    • None
    • False
    • NEW
    • NEW

      Description of problem:

      Logs can't be forwarded to lokistack via distributor, many errors in collector pod:

      2022-11-23T06:56:39.461081Z ERROR sink{component_kind="sink" component_id=loki_stack component_type=loki component_name=loki_stack}:request{request_id=223}: vector_core::stream::driver: Service call failed. error=HttpError { error: CallRequest { source: hyper::Error(Io, Custom { kind: Other, error: Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 336151570, library: "SSL routines", function: "ssl3_read_bytes", reason: "sslv3 alert bad certificate", file: "ssl/record/rec_layer_s3.c", line: 1544, data: "SSL alert number 42" }]))) } }) } } request_id=223
2022-11-23T06:56:39.822822Z ERROR sink{component_kind="sink" component_id=loki_stack component_type=loki component_name=loki_stack}:request{request_id=224}:http: vector::internal_events::http_client: HTTP error. error=connection error: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:ssl/record/rec_layer_s3.c:1544:SSL alert number 42 error_type="request_failed" stage="processing"
2022-11-23T06:56:39.822930Z ERROR sink{component_kind="sink" component_id=loki_stack component_type=loki component_name=loki_stack}:request{request_id=224}: vector_core::stream::driver: Service call failed. error=HttpError { error: CallRequest { source: hyper::Error(Io, Custom { kind: Other, error: Error { code: ErrorCode(1), cause: Some(Ssl(ErrorStack([Error { code: 336151570, library: "SSL routines", function: "ssl3_read_bytes", reason: "sslv3 alert bad certificate", file: "ssl/record/rec_layer_s3.c", line: 1544, data: "SSL alert number 42" }]))) } }) } } request_id=224

      In loki distributor pod:

      2022/11/23 06:57:38 http: TLS handshake error from 10.129.2.61:55366: tls: client didn't provide a certificate
2022/11/23 06:57:38 http: TLS handshake error from 10.130.0.158:36174: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.129.0.72:57818: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.130.0.158:36176: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.128.2.68:49026: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.128.0.90:54400: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.128.0.90:54414: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.129.2.61:55382: tls: client didn't provide a certificate
2022/11/23 06:57:39 http: TLS handshake error from 10.130.0.158:36188: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.130.0.158:36202: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.129.0.72:57822: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.128.2.68:49038: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.129.0.72:57832: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.130.0.158:36206: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.128.0.90:54424: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.128.0.90:54436: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.128.0.90:54444: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.129.2.61:55396: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.128.0.90:54460: tls: client didn't provide a certificate
2022/11/23 06:57:40 http: TLS handshake error from 10.130.0.158:36222: tls: client didn't provide a certificate
2022/11/23 06:57:41 http: TLS handshake error from 10.129.0.72:57840: tls: client didn't provide a certificate
2022/11/23 06:57:41 http: TLS handshake error from 10.129.0.72:49914: tls: client didn't provide a certificate 

$ oc get pod -l component=collector -ojson| jq .items[].status.podIP
"10.130.0.158"
"10.128.0.90"
"10.128.2.68"
"10.131.0.91"
"10.129.2.61"
"10.129.0.72"

      vector.toml vector.toml

      Version-Release number of selected component (if applicable):

      loki-operator.v5.6.0

      cluster-logging.v5.6.0

      How reproducible:

      Always

      Steps to Reproduce:

      follow the steps in https://polarion.engineering.redhat.com/polarion/#/project/OSE/workitem?id=OCP-49495 

      Actual results:

      Logs can't be forwarded to loki without gateway

      Expected results:

      Logs should be forwarded to loki without gateway

      Additional info:

      No issue when testing logging 5.5

        1. vector.toml
          13 kB

            ptsiraki@redhat.com Periklis Tsirakidis
            qitang@redhat.com Qiaoling Tang
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: