Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-857

After some time, it fails to retrieve flows

XMLWordPrintable

    • False
    • None
    • False
    • NetObserv - Sprint 232, NetObserv - Sprint 233
    • Critical

      After 2+ hours, Network Observability is unable to retrieve flows anymore. It reports an error where it no longer recognizes the server cert (see attachment). To reproduce,

      1. Install Loki Operator 5.6.
      2. Create a LokiStack.
      3. Install Network Observability Operator 1.0.0.
      4. Create a FlowCollector. Configure the tls section as follows:

        tls
    caCert
      certFile: service-ca.crt
      name: lokistack-gateway-ca-bundle
      type: configmap
    X enable

      Leave insecureSkipVerify disabled.

      5. Leave it running for 2+ hours.

      This is consistently reproducible.

      Workarounds:

      • Enable insecureSkipVerify. It now works. Even if you change it back to disable, it still works!
      • Delete FlowCollector and create a new one. The flows start working again.

        1. Screenshot from 2023-01-30 14-18-30-auth_issue.png
          Screenshot from 2023-01-30 14-18-30-auth_issue.png
          182 kB
        2. image-2023-03-07-13-47-54-219.png
          image-2023-03-07-13-47-54-219.png
          137 kB
        3. screenshot-1.png
          screenshot-1.png
          189 kB

            jpinsonn@redhat.com Julien Pinsonneau
            stlee@redhat.com Steven Lee
            Mehul Modi Mehul Modi
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: