Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-857

After some time, it fails to retrieve flows

XMLWordPrintable

    • False
    • None
    • False
    • NetObserv - Sprint 232, NetObserv - Sprint 233
    • Critical

      After 2+ hours, Network Observability is unable to retrieve flows anymore. It reports an error where it no longer recognizes the server cert (see attachment). To reproduce,

      1. Install Loki Operator 5.6.
      2. Create a LokiStack.
      3. Install Network Observability Operator 1.0.0.
      4. Create a FlowCollector. Configure the tls section as follows:

        tls
    caCert
      certFile: service-ca.crt
      name: lokistack-gateway-ca-bundle
      type: configmap
    X enable

      Leave insecureSkipVerify disabled.

      5. Leave it running for 2+ hours.

      This is consistently reproducible.

      Workarounds:

      • Enable insecureSkipVerify. It now works. Even if you change it back to disable, it still works!
      • Delete FlowCollector and create a new one. The flows start working again.

        1. image-2023-03-07-13-47-54-219.png
          image-2023-03-07-13-47-54-219.png
          137 kB
        2. screenshot-1.png
          screenshot-1.png
          189 kB
        3. Screenshot from 2023-01-30 14-18-30-auth_issue.png
          Screenshot from 2023-01-30 14-18-30-auth_issue.png
          182 kB

              jpinsonn@redhat.com Julien Pinsonneau
              stlee@redhat.com Steven Lee
              Mehul Modi Mehul Modi
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: