This is essentially the same as NETOBSERV-665 except the behavior is slightly different due to code changes since then. It is also likely to happen more often because in Web Console, the default value, which isn't immediately visible, is not set correctly for Loki Operator 5.6.

If you install Loki Operator 5.6 and create the FlowCollector resource with TLS enabled and no changes to the CA cert configuration, flowlogs-pipeline will be stuck at ContainerCreating state. There is no other indication that there was a failure. The log is empty for flowlogs-pipeline. There is no Network Traffic panel.

The reason is because it configures the following:

  tls
    caCert
      certFile: service-ca.crt
      name: loki-ca-bundle
      type: configmap
    enable: true
    insecureSkipVerify: false

With Loki Operator 5.6, the CA cert is different because of LokiStack and hence, the configmap name should be `lokistack-gateway-ca-bundle` instead of `loki-ca-bundle`.  Note: Replace "lokistack" with the name you gave for LokiStack so if it's called "loki" then the configmap name should be `loki-gateway-ca-bundle`.

This problem is not specific to Loki Operator 5.6 as any misconfiguration of the CA cert will result in this issue. Note that editing this YAML file will not fix this issue as the pods will not terminate. You have to delete and recreate the FlowCollector resource.