Loading...

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: Logging 5.9.8
Affects Version/s: Logging 5.9.7
Component/s: Log Collection
Labels:
- devel_ack+

Blocked:
False
Blocked Reason:
None
Ready:
False
Docs QE Status:
NEW
QE Status:
VERIFIED
Release Note Text:
Before this update, there was a LF character under the ES auth config in vector.toml which lead to collector pods crashing. With this update, newline symbol is trimmed for username/password which resolves the issue.
Release Note Type:
Bug Fix
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:

When configuring Openshift log forwarding to an external Elasticsearch instance that uses authentication (username and password), the username and password are inserted wrong in the vector.toml file created for the collector and so the collector pods keep in crashloopbackoff.

Version-Release number of selected component (if applicable):

$ oc get csv -n openshift-logging
NAME                     DISPLAY                     VERSION   REPLACES                 PHASE
cluster-logging.v5.9.7   Red Hat OpenShift Logging   5.9.7     cluster-logging.v5.9.6   Succeeded

How reproducible:

For me, always

Steps to Reproduce:

Install the logging operator
Create the secret with external elasticsearch credentials and CA certificate chain
Create the service account with permissions to collect logs
Create the clusterlogforwarder object with the following section:

spec:
  serviceAccountName: log-collector-sa
  outputs:
   - name: external-elasticsearch
     type: elasticsearch
     elasticsearch:
       version: 8
     secret:
       name: external-elasticsearch-secret <--- points to secret created in step 2

Actual results:

Pods are created but keep crashloopbackoff, because a LF character is inserted at the end of the username and the password like this:

#--vector.toml--
...

Basic Auth Config
[sinks.output_external_elasticsearch.auth]
strategy = "basic"
user = "elasticsearch_user
"
password = "secret_password
"
...

Pods logs show the following:

$ for pod in $(oc get pod -n openshift-logging -l component=collector -oname); do oc logs $pod -n openshift-logging; echo; done

2024-10-02T15:08:25.573973756Z Creating the directory used for persisting Vector state /var/lib/vector/openshift-logging/external-elasticsearch
2024-10-02T15:08:25.578360529Z Checking for buffer lock files
2024-10-02T15:08:25.578477728Z /var/lib/vector/openshift-logging/external-elasticsearch /usr/bin
2024-10-02T15:08:35.591239506Z found lock files: ''
2024-10-02T15:08:35.591239506Z /usr/bin
2024-10-02T15:08:35.591332935Z Starting Vector process...
2024-10-02T15:08:35.634085625Z 2024-10-02T15:08:35.633927Z ERROR vector::cli: Configuration error. error=TOML parse error at line 543, column 23
2024-10-02T15:08:35.634085625Z     |
2024-10-02T15:08:35.634085625Z 543 | user = "openshift_user
2024-10-02T15:08:35.634085625Z     |                       ^
2024-10-02T15:08:35.634085625Z invalid basic string
2024-10-02T15:08:35.634085625Z 2024-10-02T15:08:06.480448726Z Creating the directory used for persisting Vector state /var/lib/vector/openshift-logging/external-elasticsearch
2024-10-02T15:08:06.484908780Z Checking for buffer lock files
2024-10-02T15:08:06.484908780Z /var/lib/vector/openshift-logging/external-elasticsearch /usr/bin
2024-10-02T15:08:16.497685930Z found lock files: ''
2024-10-02T15:08:16.497761520Z /usr/bin
2024-10-02T15:08:16.497761520Z Starting Vector process...
2024-10-02T15:08:16.533776265Z 2024-10-02T15:08:16.533660Z ERROR vector::cli: Configuration error. error=TOML parse error at line 543, column 23
2024-10-02T15:08:16.533776265Z     |
2024-10-02T15:08:16.533776265Z 543 | user = "openshift_user
2024-10-02T15:08:16.533776265Z     |                       ^
2024-10-02T15:08:16.533776265Z invalid basic string
2024-10-02T15:08:16.533776265Z 2024-10-02T15:07:50.209787309Z Creating the directory used for persisting Vector state /var/lib/vector/openshift-logging/external-elasticsearch
2024-10-02T15:07:50.214210344Z Checking for buffer lock files
2024-10-02T15:07:50.214268440Z /var/lib/vector/openshift-logging/external-elasticsearch /usr/bin
2024-10-02T15:08:00.226837052Z found lock files: ''
2024-10-02T15:08:00.226837052Z /usr/bin
2024-10-02T15:08:00.226932624Z Starting Vector process...
2024-10-02T15:08:00.273222092Z 2024-10-02T15:08:00.273113Z ERROR vector::cli: Configuration error. error=TOML parse error at line 543, column 23
2024-10-02T15:08:00.273222092Z     |
2024-10-02T15:08:00.273222092Z 543 | user = "openshift_user
2024-10-02T15:08:00.273222092Z     |                       ^
2024-10-02T15:08:00.273222092Z invalid basic string
2024-10-02T15:08:00.273222092Z

Expected results:

Pods are created, start collecting logs and sending them to external elasticsearch

Additional info:

This is on an on-premises OCP 4.16 cluster with logging operator version 5.9.7

clones

LOG-6203 Configuring Openshift log forwarding to external Elasticsearch creates incorrect vector.toml file

Closed

is duplicated by

LOG-6203 Configuring Openshift log forwarding to external Elasticsearch creates incorrect vector.toml file

Closed

links to

openshift/cluster-logging-operator#2814: LOG-6206: trim newline symbol for username/password

RHSA-2024:139731 Logging for Red Hat OpenShift - 5.9.8

mentioned on

Merge request - Updated US source to: 537b63f LOG-6206: trim newline symbol for username/password

Details

Description

Description of problem:

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:

Attachments

Issue Links

Activity

People

Dates