Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-857

After some time, it fails to retrieve flows

    XMLWordPrintable

Details

    • False
    • None
    • False
    • NetObserv - Sprint 232, NetObserv - Sprint 233
    • Critical

    Description

      After 2+ hours, Network Observability is unable to retrieve flows anymore. It reports an error where it no longer recognizes the server cert (see attachment). To reproduce,

      1. Install Loki Operator 5.6.
      2. Create a LokiStack.
      3. Install Network Observability Operator 1.0.0.
      4. Create a FlowCollector. Configure the tls section as follows:

        tls
    caCert
      certFile: service-ca.crt
      name: lokistack-gateway-ca-bundle
      type: configmap
    X enable

      Leave insecureSkipVerify disabled.

      5. Leave it running for 2+ hours.

      This is consistently reproducible.

      Workarounds:

      • Enable insecureSkipVerify. It now works. Even if you change it back to disable, it still works!
      • Delete FlowCollector and create a new one. The flows start working again.

      Attachments

        Activity

          People

            jpinsonn@redhat.com Julien Pinsonneau
            stlee@redhat.com Steven Lee
            Mehul Modi Mehul Modi
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: