Details
-
Bug
-
Resolution: Done
-
Blocker
-
Logging 5.6.0
-
False
-
None
-
False
-
NEW
-
VERIFIED
Description
Description of problem:
key_pass is text, not file in vector.toml. refer to https://vector.dev/docs/reference/configuration/sources/kafka/
[sinks.kafka_app.tls]
enabled = true
key_pass = "/var/run/ocp-collector/secrets/kafka-fluentd/passphrase"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
Steps to Reproduce:
1. deploy kafka with ssl.client.auth=required
git clone git@gitlab.cee.redhat.com:anli/aosqe-tools.git
cd logging/log_template/kafka/kafka-2.4.1/
sh 01_create-pki-cluster-client_passphase.sh
sh 10_deploy-kafka-plaintext-ssl.sh
2. use certificate with passphase to forward logs to kafka
sh 20_create-clf-kafka-mutual_ssl_passphase.sh
#oc n openshift-logging create secret generic kafka-fluentd --from-file=ca-bundle.crt=ca/ca_bundle.crt --from-file=tls.crt=client/client.crt -from-file=tls.key=client/client.key --from-literal=sasl_over_ssl=true --from-literal=passphrase=aosqe2021
Actual results:
[sinks.kafka_app.tls]
enabled = true
key_pass = "/var/run/ocp-collector/secrets/kafka-fluentd/passphrase"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
Expected results:
[sinks.kafka_app.tls]
enabled = true
key_pass = "aosqe2021"
key_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.key"
crt_file = "/var/run/ocp-collector/secrets/kafka-fluentd/tls.crt"
ca_file = "/var/run/ocp-collector/secrets/kafka-fluentd/ca-bundle.crt"
Attachments
Issue Links
- clones
-
-
- Closed
-
